X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FHval.pm;h=800508861bcdb28dc435d121d7d1074d6814f2fd;hb=1a8eb0a43c68e64b77fdd3c4ebd977a1ab88e71b;hp=47b41a5844c875ddff9eeabf271485025a157f68;hpb=89f34da9a510bf87293721942d688b1425bb9cf7;p=public-inbox.git diff --git a/lib/PublicInbox/Hval.pm b/lib/PublicInbox/Hval.pm index 47b41a58..80050886 100644 --- a/lib/PublicInbox/Hval.pm +++ b/lib/PublicInbox/Hval.pm @@ -1,34 +1,37 @@ -# Copyright (C) 2014, Eric Wong and all contributors +# Copyright (C) 2014-2015 all contributors # License: AGPLv3 or later (https://www.gnu.org/licenses/agpl-3.0.txt) # -# represents a header value in various forms +# represents a header value in various forms. Used for HTML generation +# in our web interface(s) package PublicInbox::Hval; use strict; use warnings; -use fields qw(raw -as_utf8); use Encode qw(find_encoding); -use CGI qw(escapeHTML); -use URI::Escape qw(uri_escape); +use PublicInbox::MID qw/mid_clean mid_escape/; +use base qw/Exporter/; +our @EXPORT_OK = qw/ascii_html obfuscate_addrs/; + +# for user-generated content (UGC) which may have excessively long lines +# and screw up rendering on some browsers. This is the only CSS style +# feature we use. +use constant STYLE => ''; -my $enc_utf8 = find_encoding('utf8'); my $enc_ascii = find_encoding('us-ascii'); sub new { - my ($class, $raw) = @_; - my $self = fields::new($class); + my ($class, $raw, $href) = @_; - # we never care about leading/trailing whitespace - $raw =~ s/\A\s*//; + # we never care about trailing whitespace $raw =~ s/\s*\z//; - $self->{raw} = $raw; - $self; + bless { + raw => $raw, + href => defined $href ? $href : $raw, + }, $class; } sub new_msgid { - my ($class, $raw) = @_; - $raw =~ s/\A\z//; - $class->new($raw); + my ($class, $msgid) = @_; + $class->new($msgid, mid_escape($msgid)); } sub new_oneline { @@ -39,14 +42,68 @@ sub new_oneline { $class->new($raw); } -sub as_utf8 { - my ($self) = @_; - $self->{-as_utf8} ||= $enc_utf8->encode($self->{raw}); +my %xhtml_map = ( + '"' => '"', + '&' => '&', + "'" => ''', + '<' => '<', + '>' => '>', +); + +$xhtml_map{chr($_)} = sprintf('\\x%02x', $_) for (0..31); +# some of these overrides are standard C escapes so they're +# easy-to-understand when rendered. +$xhtml_map{"\x00"} = '\\0'; # NUL +$xhtml_map{"\x07"} = '\\a'; # bell +$xhtml_map{"\x08"} = '\\b'; # backspace +$xhtml_map{"\x09"} = "\t"; # obvious to show as-is +$xhtml_map{"\x0a"} = "\n"; # obvious to show as-is +$xhtml_map{"\x0b"} = '\\v'; # vertical tab +$xhtml_map{"\x0c"} = '\\f'; # form feed +$xhtml_map{"\x0d"} = '\\r'; # carriage ret (not preceding \n) +$xhtml_map{"\x1b"} = '^['; # ASCII escape (mutt seems to escape this way) +$xhtml_map{"\x7f"} = '\\x7f'; # DEL + +sub ascii_html { + my ($s) = @_; + $s =~ s/\r\n/\n/sg; # fixup bad line endings + $s =~ s/([<>&'"\x7f\x00-\x1f])/$xhtml_map{$1}/sge; + $enc_ascii->encode($s, Encode::HTMLCREF); } -sub ascii_html { $enc_ascii->encode(escapeHTML($_[0]), Encode::HTMLCREF) } +sub as_html { ascii_html($_[0]->{raw}) } -sub as_html { ascii_html($_[0]->as_utf8) } -sub as_href { ascii_html(uri_escape($_[0]->as_utf8)) } +sub raw { + if (defined $_[1]) { + $_[0]->{raw} = $_[1]; + } else { + $_[0]->{raw}; + } +} + +sub prurl { + my ($env, $u) = @_; + index($u, '//') == 0 ? "$env->{'psgi.url_scheme'}:$u" : $u; +} + +# for misguided people who believe in this stuff, give them a +# substitution for '.' +# ․ · and ͺ were also candidates: +# https://public-inbox.org/meta/20170615015250.GA6484@starla/ +# However, • was chosen to make copy+paste errors more obvious +sub obfuscate_addrs ($$) { + my $ibx = $_[0]; + my $re = $ibx->{-no_obfuscate_re}; # regex of domains + my $addrs = $ibx->{-no_obfuscate}; # { adddress => 1 } + $_[1] =~ s/([\w\.\+=\-]+\@([\w\-]+\.[\w\.\-]+))/ + my ($addr, $domain) = ($1, $2); + if ($addrs->{$addr} || ((defined $re && $domain =~ $re))) { + $addr; + } else { + $addr =~ s!([^\.]+)\.!$1•!g; + $addr + } + /sge; +} 1;