mirror of
https://github.com/KingDuckZ/kamokan.git
synced 2024-12-27 21:35:41 +00:00
Escape any html from pasties before sending the response.
This commit is contained in:
parent
3c10d624e3
commit
3e60ea4183
4 changed files with 10 additions and 8 deletions
|
@ -89,7 +89,7 @@ namespace tawashi {
|
|||
|
||||
std::string new_value(parString.data(), parString.size());
|
||||
std::replace(new_value.begin(), new_value.end(), '+', ' ');
|
||||
return parCurl.url_unescape(new_value);
|
||||
return parCurl.unescape(new_value);
|
||||
}
|
||||
|
||||
CurlWrapper::CurlWrapper() :
|
||||
|
@ -100,12 +100,12 @@ namespace tawashi {
|
|||
|
||||
CurlWrapper::~CurlWrapper() noexcept = default;
|
||||
|
||||
std::string CurlWrapper::url_escape (const boost::string_ref& parText) const {
|
||||
std::string CurlWrapper::escape (const boost::string_ref& parText) const {
|
||||
const CurlBufferPointer buff(curl_easy_escape(m_curl.get(), parText.data(), parText.size()));
|
||||
return std::string(buff.get());
|
||||
}
|
||||
|
||||
std::string CurlWrapper::url_unescape (const boost::string_ref& parText) const {
|
||||
std::string CurlWrapper::unescape (const boost::string_ref& parText) const {
|
||||
int outLen;
|
||||
const CurlBufferPointer buff(curl_easy_unescape(m_curl.get(), parText.data(), parText.size(), &outLen));
|
||||
return std::string(buff.get(), outLen);
|
||||
|
|
|
@ -32,8 +32,8 @@ namespace tawashi {
|
|||
CurlWrapper (const CurlWrapper&) = delete;
|
||||
~CurlWrapper() noexcept;
|
||||
|
||||
std::string url_escape (const boost::string_ref& parText) const;
|
||||
std::string url_unescape (const boost::string_ref& parText) const;
|
||||
std::string escape (const boost::string_ref& parText) const;
|
||||
std::string unescape (const boost::string_ref& parText) const;
|
||||
|
||||
private:
|
||||
CurlPtr m_curl;
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
#include "cgi_post.hpp"
|
||||
#include "num_to_token.hpp"
|
||||
#include "settings_bag.hpp"
|
||||
#include "curl_wrapper.hpp"
|
||||
#include <ciso646>
|
||||
#include <sstream>
|
||||
|
||||
|
@ -53,7 +54,8 @@ namespace tawashi {
|
|||
return;
|
||||
}
|
||||
|
||||
boost::optional<std::string> token = submit_to_redis(pastie);
|
||||
CurlWrapper curl;
|
||||
boost::optional<std::string> token = submit_to_redis(curl.escape(pastie));
|
||||
if (token) {
|
||||
std::ostringstream oss;
|
||||
oss << base_uri() << '/' << *token;
|
||||
|
@ -67,7 +69,7 @@ namespace tawashi {
|
|||
m_error_message << '\n';
|
||||
}
|
||||
|
||||
boost::optional<std::string> SubmitPasteResponse::submit_to_redis (boost::string_ref parText) const {
|
||||
boost::optional<std::string> SubmitPasteResponse::submit_to_redis (const std::string& parText) const {
|
||||
auto& redis = this->redis();
|
||||
if (not redis.is_connected())
|
||||
return boost::optional<std::string>();
|
||||
|
|
|
@ -30,7 +30,7 @@ namespace tawashi {
|
|||
private:
|
||||
virtual void on_process() override;
|
||||
virtual void on_send (std::ostream& parStream) override;
|
||||
boost::optional<std::string> submit_to_redis (boost::string_ref parText) const;
|
||||
boost::optional<std::string> submit_to_redis (const std::string& parText) const;
|
||||
|
||||
std::string m_error_message;
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue