aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorMicael Karlberg <[email protected]>2011-10-26 13:56:09 +0200
committerMicael Karlberg <[email protected]>2011-10-26 13:56:09 +0200
commit37650c5ab7d286cdf4a4afa0d6eff1d915f57cff (patch)
treedc439de6c33fca9e166dc3b16ed46ec5e8cfb40e /lib
parent9b6f04a6dfb955a6615f632197f3d70487a97d26 (diff)
downloadotp-37650c5ab7d286cdf4a4afa0d6eff1d915f57cff.tar.gz
otp-37650c5ab7d286cdf4a4afa0d6eff1d915f57cff.tar.bz2
otp-37650c5ab7d286cdf4a4afa0d6eff1d915f57cff.zip
Fixed HTML encode. First *try* to hex decode uri, and then
do the actual html encode. OTP-9655
Diffstat (limited to 'lib')
-rw-r--r--lib/inets/src/http_server/httpd_request.erl8
-rw-r--r--lib/inets/src/http_server/httpd_util.erl10
2 files changed, 12 insertions, 6 deletions
diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl
index 75f03c4fc2..1c23316ecb 100644
--- a/lib/inets/src/http_server/httpd_request.erl
+++ b/lib/inets/src/http_server/httpd_request.erl
@@ -261,12 +261,12 @@ validate_uri(RequestURI) ->
(catch http_uri:decode(string:left(RequestURI, Ndx)))
end,
case UriNoQueryNoHex of
- {'EXIT',_Reason} ->
+ {'EXIT', _Reason} ->
{error, {bad_request, {malformed_syntax, RequestURI}}};
_ ->
- Path = format_request_uri(UriNoQueryNoHex),
- Path2=[X||X<-string:tokens(Path, "/"),X=/="."], %% OTP-5938
- validate_path( Path2,0, RequestURI)
+ Path = format_request_uri(UriNoQueryNoHex),
+ Path2 = [X||X<-string:tokens(Path, "/"),X=/="."], %% OTP-5938
+ validate_path(Path2, 0, RequestURI)
end.
validate_path([], _, _) ->
diff --git a/lib/inets/src/http_server/httpd_util.erl b/lib/inets/src/http_server/httpd_util.erl
index 366843354e..15bfe9c621 100644
--- a/lib/inets/src/http_server/httpd_util.erl
+++ b/lib/inets/src/http_server/httpd_util.erl
@@ -245,7 +245,13 @@ maybe_encode(URI) ->
end.
html_encode(String) ->
- http_util:html_encode(http_uri:decode(String)).
+ try http_uri:decode(String) of
+ Decoded when is_list(Decoded) ->
+ http_util:html_encode(Decoded)
+ catch
+ _:_ ->
+ http_util:html_encode(String)
+ end.
%%convert_rfc_date(Date)->{{YYYY,MM,DD},{HH,MIN,SEC}}
@@ -259,7 +265,7 @@ convert_request_date([D,A,Y,DateType| Rest])->
fun convert_rfc850_date/1
end,
case catch Func([D,A,Y,DateType| Rest]) of
- {ok,Date} ->
+ {ok, Date} ->
Date;
_Error->
bad_date