[nginx] svn commit: r4313 - trunk/src/core
mdounin at mdounin.ru
mdounin at mdounin.ru
Fri Nov 25 16:36:04 UTC 2011
Author: mdounin
Date: 2011-11-25 16:36:02 +0000 (Fri, 25 Nov 2011)
New Revision: 4313
Log:
Added escaping of double quotes in ngx_escape_html().
Patch by Zaur Abasmirzoev.
Modified:
trunk/src/core/ngx_string.c
Modified: trunk/src/core/ngx_string.c
===================================================================
--- trunk/src/core/ngx_string.c 2011-11-23 14:09:19 UTC (rev 4312)
+++ trunk/src/core/ngx_string.c 2011-11-25 16:36:02 UTC (rev 4313)
@@ -1657,6 +1657,10 @@
len += sizeof("&") - 2;
break;
+ case '"':
+ len += sizeof(""") - 2;
+ break;
+
default:
break;
}
@@ -1684,6 +1688,11 @@
*dst++ = ';';
break;
+ case '"':
+ *dst++ = '&'; *dst++ = 'q'; *dst++ = 'u'; *dst++ = 'o';
+ *dst++ = 't'; *dst++ = ';';
+ break;
+
default:
*dst++ = ch;
break;
More information about the nginx-devel
mailing list