Example #1
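	// Writes the first inLen bytes of in_ to sw in a form that can sit inside a
	// JavaScript string literal: ASCII letters and digits are copied, every
	// other byte is emitted as the six characters \u00XX.
	//
	// in_   - input bytes; need not be NUL-terminated
	// inLen - number of bytes to read from in_ (values <= 0 write nothing)
	// sw    - destination writer
	//
	// NOTE(review): input is escaped byte by byte, so a multi-byte UTF-8
	// character comes out as several \u00XX units instead of the original
	// character. That is safe for the surrounding script but lossy.
	void jsEscape(const char* in_, int inLen, CP::StreamWriter& sw) {
		//XXX: dangerous (potentially exploitable) codepath; please audit
		// Bytes are read as unsigned so values >= 0x80 reach the hex helper as
		// 0..15 rather than as a sign-extended negative number.
		const uint8_t* in = (const uint8_t*) in_;

		// ASCII-only test. isalnum() follows the process locale, so under a
		// non-"C" locale it may classify bytes >= 0x80 as alphanumeric and let
		// them through unescaped.
		auto isAsciiAlnum = [](uint8_t b) {
			return (b >= '0' && b <= '9') || (b >= 'A' && b <= 'Z')
					|| (b >= 'a' && b <= 'z');
		};

		// Worst case is six output bytes per input byte. Sizing the whole input
		// in one `int` overflows once inLen exceeds INT_MAX / 6, after which
		// the reservation is too small for the bytes written into it. Escaping
		// a bounded slice per reservation keeps the arithmetic small.
		const int kMaxSlice = 4096;
		const int total = inLen > 0 ? inLen : 0;
		int done = 0;
		do {
			const int remaining = total - done;
			const int n = remaining < kMaxSlice ? remaining : kMaxSlice;

			// Pass 1: exact output size of this slice.
			int sz = 0;
			for (int i = 0; i < n; i++)
				sz += isAsciiAlnum(in[done + i]) ? 1 : 6;

			// Pass 2: must apply the same classification as pass 1, otherwise
			// the write cursor runs past the sz bytes reserved here.
			char* c = sw.beginWrite(sz);
			for (int i = 0; i < n; i++) {
				const uint8_t b = in[done + i];
				if (isAsciiAlnum(b)) *(c++) = (char) b;
				else {
					c[0] = '\\';
					c[1] = 'u';
					c[2] = '0';
					c[3] = '0';
					// intToHexChar is defined elsewhere; presumably maps 0..15
					// to one hex digit -- confirm.
					c[4] = intToHexChar(b >> 4);
					c[5] = intToHexChar(b & 0xF);
					c += 6;
				}
			}
			sw.endWrite(sz);
			done += n;
		} while (done < total);
	}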
	// Writes the first inLen bytes of in to sw with & < > " ' replaced by the
	// entities &amp; &lt; &gt; &quot; &apos;. All other bytes are copied as-is,
	// in runs, so each run costs one write call.
	//
	// NOTE(review): the five characters handled here cover a value placed
	// inside a quoted attribute. An unquoted attribute can also be ended by
	// whitespace and other bytes this function leaves untouched.
	void htmlAttributeEscape(const char* in, int inLen, CP::StreamWriter& sw) {
		// Index of the first byte that has not been written yet.
		int pending = 0;
		for (int pos = 0; pos < inLen; ++pos) {
			const char cur = in[pos];
			const char* entity = nullptr;
			if (cur == '&') entity = "&amp;";
			else if (cur == '<') entity = "&lt;";
			else if (cur == '>') entity = "&gt;";
			else if (cur == '"') entity = "&quot;";
			else if (cur == '\'') entity = "&apos;";

			// Ordinary byte: leave it in the pending run.
			if (entity == nullptr) continue;

			// Flush the literal run that precedes this character, then the
			// entity that stands in for it.
			if (pos > pending) sw.write(in + pending, pos - pending);
			pending = pos + 1;
			sw.write(entity);
		}
		// Whatever follows the last replaced character.
		if (inLen > pending) sw.write(in + pending, inLen - pending);
	}
Example #3
	// Escapes in[0..inLen) for use as an HTML attribute value and writes the
	// result to sw. The characters & < > " ' become &amp; &lt; &gt; &quot;
	// &apos;; every other byte is passed through unchanged.
	//
	// NOTE(review): safe only when the caller wraps the value in quotes; the
	// bytes left untouched include whitespace, which ends an unquoted value.
	void htmlAttributeEscape(const char* in, int inLen, CP::StreamWriter& sw) {
		//XXX: dangerous (potentially exploitable) codepath; please audit
		// Entity for a character that needs escaping, or nullptr otherwise.
		auto entityFor = [](char ch) -> const char* {
			switch (ch) {
				case '&': return "&amp;";
				case '<': return "&lt;";
				case '>': return "&gt;";
				case '"': return "&quot;";
				case '\'': return "&apos;";
				default: return nullptr;
			}
		};

		int runStart = 0; // first byte not yet handed to sw
		int idx = 0;
		while (idx < inLen) {
			const char* replacement = entityFor(in[idx]);
			if (replacement != nullptr) {
				// Emit the untouched bytes before this character in one call.
				const int runLen = idx - runStart;
				if (runLen > 0) sw.write(in + runStart, runLen);
				runStart = idx + 1;
				sw.write(replacement);
			}
			++idx;
		}
		// Trailing run after the last escaped character.
		const int tail = inLen - runStart;
		if (tail > 0) sw.write(in + runStart, tail);
	}
Example #4
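	// Serialises the status line and all headers of *This into sw, followed by
	// the blank line that ends the header section.
	//
	// This - response whose statusCode, statusName, sendChunked and headers are
	//        read; headers gains a Transfer-Encoding entry when sendChunked is set
	// sw   - destination writer
	//
	// NOTE(review): statusName and the header names and values are copied
	// verbatim. A CR or LF inside any of them ends the line early, and the rest
	// is then read by the client as further headers or as body (response
	// splitting). Nothing visible here rejects those bytes, so code that stores
	// a header built from request data has to strip them first -- or this
	// function should refuse to emit such a header.
	void Response_doWriteHeaders(Response* This, CP::StreamWriter& sw) {
		//sw.writeF("HTTP/1.1 %i %s\r\n", This->statusCode, This->statusName);
		{
			// The reservation is sized from the status text. The previous fixed
			// 32 bytes were overrun by the memcpy below whenever statusName was
			// longer than the space left after "HTTP/1.1 ", the code and the
			// separators.
			const int nameLen = This->statusName.length();
			const int kPrefixLen = 9;     // strlen("HTTP/1.1 ")
			const int kMaxCodeChars = 16; // room for any decimal int, with slack
			char* s1 = sw.beginWrite(kPrefixLen + kMaxCodeChars + 1 + nameLen + 2);
			memcpy(s1, "HTTP/1.1 ", kPrefixLen);
			// This itoa is the two-argument helper whose return value is used as
			// the number of characters written (it is added to the offset).
			int x = kPrefixLen + itoa(This->statusCode, s1 + kPrefixLen);
			s1[x] = ' ';
			x++;
			memcpy(s1 + x, This->statusName.data(), nameLen);
			x += nameLen;
			s1[x] = '\r';
			s1[x + 1] = '\n';
			x += 2;
			// Commit only the bytes actually produced.
			sw.endWrite(x);
		}
		if (This->sendChunked) This->headers["Transfer-Encoding"] = "chunked";
		for (auto it = This->headers.begin(); it != This->headers.end(); it++) {
			int l1 = (*it).first.length();
			int l2 = (*it).second.length();
			// name + ": " + value + "\r\n"
			char* tmp = sw.beginWrite(l1 + 4 + l2);
			memcpy(tmp, (*it).first.data(), l1);
			tmp[l1] = ':';
			tmp[l1 + 1] = ' ';
			memcpy(tmp + l1 + 2, (*it).second.data(), l2);
			tmp[l1 + 2 + l2] = '\r';
			tmp[l1 + 2 + l2 + 1] = '\n';
			sw.endWrite(l1 + 4 + l2);
			//sw.writeF("%s: %s\r\n", (*it).first.c_str(), (*it).second.c_str());
		}
		sw.write("\r\n", 2);
	}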
Example #5
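	// Writes in[0..inLen) to sw with & < > replaced by &amp; &lt; &gt;.
	//
	// in    - input bytes; need not be NUL-terminated
	// inLen - number of bytes to read (values <= 0 write nothing)
	// sw    - destination writer
	//
	// NOTE(review): quotes are not escaped, so the output is suitable for
	// element content only, not for attribute values.
	void htmlEscape(const char* in, int inLen, CP::StreamWriter& sw) {
		//XXX: dangerous (potentially exploitable) codepath; please audit
		// Output length of one input byte.
		auto encodedLen = [](char ch) {
			return ch == '&' ? 5 : (ch == '<' || ch == '>') ? 4 : 1;
		};

		// Up to five output bytes per input byte. Summing the whole input into
		// one `int` overflows for inputs above INT_MAX / 5, which leaves the
		// reservation smaller than what the copy loop writes. Working on a
		// bounded slice per reservation avoids that.
		const int kMaxSlice = 4096;
		const int total = inLen > 0 ? inLen : 0;
		int done = 0;
		do {
			const int remaining = total - done;
			const int n = remaining < kMaxSlice ? remaining : kMaxSlice;
			const char* slice = in + done;

			// Pass 1: exact size of the escaped slice.
			int sz = 0;
			for (int i = 0; i < n; i++) sz += encodedLen(slice[i]);

			// Pass 2: the cases here must stay in step with encodedLen(), or
			// the cursor leaves the sz bytes reserved.
			char* c = sw.beginWrite(sz);
			for (int i = 0; i < n; i++) {
				switch (slice[i]) {
					case '&':
						c[0] = '&';
						c[1] = 'a';
						c[2] = 'm';
						c[3] = 'p';
						c[4] = ';';
						c += 5;
						break;
					case '<':
						c[0] = '&';
						c[1] = 'l';
						c[2] = 't';
						c[3] = ';';
						c += 4;
						break;
					case '>':
						c[0] = '&';
						c[1] = 'g';
						c[2] = 't';
						c[3] = ';';
						c += 4;
						break;
					default:
						*(c++) = slice[i];
				}
			}
			sw.endWrite(sz);
			done += n;
		} while (done < total);
	}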
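	// Writes in[0..inLen) to sw with & < > replaced by &amp; &lt; &gt;.
	//
	// in    - input bytes; need not be NUL-terminated
	// inLen - number of bytes to read (values <= 0 write nothing)
	// sw    - destination writer
	//
	// Unescaped runs are handed to sw as they are found, so no output size is
	// computed up front. The earlier two-pass form summed the escaped length
	// into an `int`, which overflows for inputs above INT_MAX / 5 and then
	// under-reserves the buffer that the copy loop fills.
	//
	// NOTE(review): quotes are left alone, so this is for element content, not
	// for attribute values.
	void htmlEscape(const char* in, int inLen, CP::StreamWriter& sw) {
		int runStart = 0; // first byte not yet written
		for (int i = 0; i < inLen; i++) {
			const char* entity;
			switch (in[i]) {
				case '&':
					entity = "&amp;";
					break;
				case '<':
					entity = "&lt;";
					break;
				case '>':
					entity = "&gt;";
					break;
				default:
					continue; // ordinary byte, stays in the current run
			}
			// Flush the literal bytes before this character, then its entity.
			if (i > runStart) sw.write(in + runStart, i - runStart);
			sw.write(entity);
			runStart = i + 1;
		}
		// Bytes after the last escaped character.
		if (inLen > runStart) sw.write(in + runStart, inLen - runStart);
	}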
// HTML-escapes the NUL-terminated string `in` into sw, using
// onion_html_encoding_size() to size the output and onion_html_add_enc() to
// produce it (both are defined elsewhere).
//
// NOTE(review): the reservation is exactly the sum returned by the sizing
// helper. The two helpers therefore have to agree on the encoded length of
// every character, and `in` must not change between the two passes; otherwise
// the second loop writes outside the reserved region.
void htmlEscape2(const char* in, CP::StreamWriter& sw) {
	// Pass 1: add up the encoded size of each character.
	int total = 0;
	for (const char* scan = in; *scan; ++scan)
		total += onion_html_encoding_size(*scan);

	// Pass 2: encode into the reserved region; the helper hands back the
	// advanced write position after each character.
	char* out = sw.beginWrite(total);
	for (const char* scan = in; *scan; ++scan)
		out = onion_html_add_enc(*scan, out);
	sw.endWrite(total);
}
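	// Percent-encodes in[0..inLen) into sw. ASCII letters, digits and the
	// characters ~ ! * ( ) ' are copied unchanged; every other byte is written
	// as '%' followed by two hex digits.
	//
	// in    - input bytes; need not be NUL-terminated
	// inLen - number of bytes to read
	// sw    - destination writer
	//
	// NOTE(review): ' ( ) are passed through. The result is therefore not safe
	// to drop into a single-quoted HTML attribute or script string without the
	// escaping that context needs.
	void urlEncode(const char* in, int inLen, CP::StreamWriter& sw) {
		int last_i = 0; // first byte not yet written
		char ch[3];
		ch[0] = '%';
		for (int i = 0; i < inLen; i++) {
			// Work on the unsigned value. Where plain char is signed, a byte
			// >= 0x80 is negative, and shifting it right by 4 hands
			// intToHexChar a negative number instead of the high nibble.
			const unsigned char b = (unsigned char) in[i];
			if ((b >= '0' && b <= '9') || //0-9
					(b >= 'A' && b <= 'Z') || //ABC...XYZ
					(b >= 'a' && b <= 'z') || //abc...xyz
					(b == '~' || b == '!' || b == '*' || b == '(' || b == ')'
							|| b == '\'')) continue;
			// Flush the unescaped run before this byte, then its %XX form.
			if (i > last_i) sw.write(in + last_i, i - last_i);
			last_i = i + 1;
			ch[1] = intToHexChar(b >> 4);
			ch[2] = intToHexChar(b & 0xF);
			sw.write(ch, 3);
		}
		if (inLen > last_i) sw.write(in + last_i, inLen - last_i);
	}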
Example #9
	// Default page body: writes a fixed notice telling the developer that
	// render() has not been overridden. The text is a constant; nothing from
	// the request is included in it.
	void Page::render(CP::StreamWriter& out) {
		static const char defaultBody[] =
				"This is the default page of the cppsp C++ "
				"web application framework. If you see this, it means "
				"you haven't overridden the render() method derived from cppsp::Page.";
		out.write(defaultBody);
	}