[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] Escaped characters in URL
|
From: |
Christian Grothoff |
|
Subject: |
Re: [libmicrohttpd] Escaped characters in URL |
|
Date: |
Wed, 23 Sep 2015 11:57:14 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.7.0 |
Hi David,
I'm a bit confused as to how you are accessing the 'camname' field,
or rather, how you 'skip' to the next field. I suspect you're badly
violating the API, but I'm not sure.
What it sounds to me like is that you're going after 'camname' by
something like:
const char *camname = url[strlen(url)+1];
const char *camvalue = camname[strlen(camname)+1];
const char *nextname = camvalue[strlen(camvalue)+1]; // this fails ...
const char *nextvalue = nextname[strlen(nextname)+1];
where 'url' was the respective argument of the
MHD_AccessHandlerCallback. That kind-of works, modulo escaping, as you
can follow the key-value pairs by walking through memory like this if
there is no escaping, but is excessively ugly and not actually
guaranteed to work by MHD's API (it just happens to work...).
What you should be doing is using either the
MHD_lookup_connection_value() or MHD_get_connection_values() functions:
const char *camvalue = MHD_lookup_connection_value (connection,
MHD_GET_ARGUMENT_KIND, "camname");
const char *nextvalue = MHD_lookup_connection_value (connection,
MHD_GET_ARGUMENT_KIND, "nextname");
So are you actually using MHD_lookup_connection_value(), or walking
illicitly over MHD's internal buffers? :-)
Happy hacking!
Christian
On 09/22/2015 06:47 PM, address@hidden wrote:
> Hi there,
>
> I've been using libmicrohttpd for a number of years now, but I have just
> found a basic problem with my URL parser when I receive a URL with
> escaped characters. In my webpage I am using the javascript function,
> encodeURIComponent() to help produce the escaped URL, something like this:-
>
> setcamparam.cgi?camname=cam&fred, where "cam&fred" is the name string
>
> This is converted into the following url
>
> setcamparam.cgi?camname=cam%26fred
>
> which is fine.
>
> The problem is in my http_access_callback, when I receive this url, I
> seem to receive "cam&fred" unescaped, but the length of the field I need
> to skip in the url is 2 more than the string length. If there are more
> escaped characters in the url, then the difference is even higher.
>
> How do I know how many escaped characters have been unescaped so that I
> can parse the url correctly and skip to the next field? I'm just using
> strlen() to skip over each field.
>
> Best regards
>
> David
>
>
0xE29FC3CC.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature