1
0
Fork 0
mirror of https://github.com/KingDuckZ/kamokan.git synced 2024-12-27 21:35:41 +00:00

Escape any html from pasties before sending the response.

This commit is contained in:
King_DuckZ 2017-04-24 19:41:38 +01:00
parent 3c10d624e3
commit 3e60ea4183
4 changed files with 10 additions and 8 deletions

View file

@ -89,7 +89,7 @@ namespace tawashi {
std::string new_value(parString.data(), parString.size());
std::replace(new_value.begin(), new_value.end(), '+', ' ');
return parCurl.url_unescape(new_value);
return parCurl.unescape(new_value);
}
CurlWrapper::CurlWrapper() :
@ -100,12 +100,12 @@ namespace tawashi {
CurlWrapper::~CurlWrapper() noexcept = default;
std::string CurlWrapper::url_escape (const boost::string_ref& parText) const {
std::string CurlWrapper::escape (const boost::string_ref& parText) const {
const CurlBufferPointer buff(curl_easy_escape(m_curl.get(), parText.data(), parText.size()));
return std::string(buff.get());
}
std::string CurlWrapper::url_unescape (const boost::string_ref& parText) const {
std::string CurlWrapper::unescape (const boost::string_ref& parText) const {
int outLen;
const CurlBufferPointer buff(curl_easy_unescape(m_curl.get(), parText.data(), parText.size(), &outLen));
return std::string(buff.get(), outLen);

View file

@ -32,8 +32,8 @@ namespace tawashi {
CurlWrapper (const CurlWrapper&) = delete;
~CurlWrapper() noexcept;
std::string url_escape (const boost::string_ref& parText) const;
std::string url_unescape (const boost::string_ref& parText) const;
std::string escape (const boost::string_ref& parText) const;
std::string unescape (const boost::string_ref& parText) const;
private:
CurlPtr m_curl;

View file

@ -20,6 +20,7 @@
#include "cgi_post.hpp"
#include "num_to_token.hpp"
#include "settings_bag.hpp"
#include "curl_wrapper.hpp"
#include <ciso646>
#include <sstream>
@ -53,7 +54,8 @@ namespace tawashi {
return;
}
boost::optional<std::string> token = submit_to_redis(pastie);
CurlWrapper curl;
boost::optional<std::string> token = submit_to_redis(curl.escape(pastie));
if (token) {
std::ostringstream oss;
oss << base_uri() << '/' << *token;
@ -67,7 +69,7 @@ namespace tawashi {
m_error_message << '\n';
}
boost::optional<std::string> SubmitPasteResponse::submit_to_redis (boost::string_ref parText) const {
boost::optional<std::string> SubmitPasteResponse::submit_to_redis (const std::string& parText) const {
auto& redis = this->redis();
if (not redis.is_connected())
return boost::optional<std::string>();

View file

@ -30,7 +30,7 @@ namespace tawashi {
private:
virtual void on_process() override;
virtual void on_send (std::ostream& parStream) override;
boost::optional<std::string> submit_to_redis (boost::string_ref parText) const;
boost::optional<std::string> submit_to_redis (const std::string& parText) const;
std::string m_error_message;
};