X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FHval.pm;h=fb21041acafcaa534c3563a1f191f902acc631df;hb=6c853f5256f3a324c018a37a9e8a6b9fc8fdc063;hp=ab6e044bbf9716f9a1c23ab00cfa70339a781c70;hpb=f564327fd1e694056a4b13ed398cabd8d0d4c173;p=public-inbox.git diff --git a/lib/PublicInbox/Hval.pm b/lib/PublicInbox/Hval.pm index ab6e044b..fb21041a 100644 --- a/lib/PublicInbox/Hval.pm +++ b/lib/PublicInbox/Hval.pm @@ -1,5 +1,5 @@ -# Copyright (C) 2014-2015 all contributors -# License: AGPLv3 or later (https://www.gnu.org/licenses/agpl-3.0.txt) +# Copyright (C) 2014-2020 all contributors +# License: AGPL-3.0+ # # represents a header value in various forms. Used for HTML generation # in our web interface(s) @@ -7,36 +7,32 @@ package PublicInbox::Hval; use strict; use warnings; use Encode qw(find_encoding); -use URI::Escape qw(uri_escape_utf8); -use PublicInbox::MID qw/mid_clean/; - +use PublicInbox::MID qw/mid_clean mid_escape/; +use base qw/Exporter/; +our @EXPORT_OK = qw/ascii_html obfuscate_addrs to_filename src_escape + to_attr prurl mid_href fmt_ts ts2str/; +use POSIX qw(strftime); my $enc_ascii = find_encoding('us-ascii'); -sub new { - my ($class, $raw, $href) = @_; - - # we never care about leading/trailing whitespace - $raw =~ s/\A\s*//; - $raw =~ s/\s*\z//; - bless { - raw => $raw, - href => defined $href ? $href : $raw, - }, $class; -} +# safe-ish acceptable filename pattern for portability +our $FN = '[a-zA-Z0-9][a-zA-Z0-9_\-\.]+[a-zA-Z0-9]'; # needs \z anchor -sub new_msgid { - my ($class, $msgid, $no_compress) = @_; - $msgid = mid_clean($msgid); - $class->new($msgid, $msgid); -} +sub mid_href { ascii_html(mid_escape($_[0])) } -sub new_oneline { - my ($class, $raw) = @_; - $raw = '' unless defined $raw; - $raw =~ tr/\t\n / /s; # squeeze spaces - $raw =~ tr/\r//d; # kill CR - $class->new($raw); -} +# some of these overrides are standard C escapes so they're +# easy-to-understand when rendered. +my %escape_sequence = ( + "\x00" => '\\0', # NUL + "\x07" => '\\a', # bell + "\x08" => '\\b', # backspace + "\x09" => "\t", # obvious to show as-is + "\x0a" => "\n", # obvious to show as-is + "\x0b" => '\\v', # vertical tab + "\x0c" => '\\f', # form feed + "\x0d" => '\\r', # carriage ret (not preceding \n) + "\x1b" => '^[', # ASCII escape (mutt seems to escape this way) + "\x7f" => '\\x7f', # DEL +); my %xhtml_map = ( '"' => '"', @@ -46,22 +42,92 @@ my %xhtml_map = ( '>' => '>', ); +$xhtml_map{chr($_)} = sprintf('\\x%02x', $_) for (0..31); +%xhtml_map = (%xhtml_map, %escape_sequence); + +# for post-processing the output of highlight.pm and perhaps other +# highlighers in the future +sub src_escape ($) { + $_[0] =~ s/\r\n/\n/sg; + $_[0] =~ s/'/'/sg; # workaround https://bugs.debian.org/927409 + $_[0] =~ s/([\x7f\x00-\x1f])/$xhtml_map{$1}/sge; + $_[0] = $enc_ascii->encode($_[0], Encode::HTMLCREF); +} + sub ascii_html { my ($s) = @_; - $s =~ s/\r\n/\n/sg; # fixup bad line endings - $s =~ s/([<>&'"])/$xhtml_map{$1}/ge; + $s =~ s/([<>&'"\x7f\x00-\x1f])/$xhtml_map{$1}/sge; $enc_ascii->encode($s, Encode::HTMLCREF); } -sub as_html { ascii_html($_[0]->{raw}) } -sub as_href { ascii_html(uri_escape_utf8($_[0]->{href})) } +# returns a protocol-relative URL string +sub prurl ($$) { + my ($env, $u) = @_; + if (ref($u) eq 'ARRAY') { + my $h = $env->{HTTP_HOST} // $env->{SERVER_NAME}; + my @host_match = grep(/\b\Q$h\E\b/, @$u); + $u = $host_match[0] // $u->[0]; + # fall through to below: + } + index($u, '//') == 0 ? "$env->{'psgi.url_scheme'}:$u" : $u; +} -sub raw { - if (defined $_[1]) { - $_[0]->{raw} = $_[1]; - } else { - $_[0]->{raw}; +# for misguided people who believe in this stuff, give them a +# substitution for '.' +# ․ · and ͺ were also candidates: +# https://public-inbox.org/meta/20170615015250.GA6484@starla/ +# However, • was chosen to make copy+paste errors more obvious +sub obfuscate_addrs ($$;$) { + my $ibx = $_[0]; + my $repl = $_[2] // '•'; + my $re = $ibx->{-no_obfuscate_re}; # regex of domains + my $addrs = $ibx->{-no_obfuscate}; # { $address => 1 } + $_[1] =~ s/(([\w\.\+=\-]+)\@([\w\-]+\.[\w\.\-]+))/ + my ($addr, $user, $domain) = ($1, $2, $3); + if ($addrs->{$addr} || ((defined $re && $domain =~ $re))) { + $addr; + } else { + $domain =~ s!([^\.]+)\.!$1$repl!; + $user . '@' . $domain + } + /sge; +} + +# like format_sanitized_subject in git.git pretty.c with '%f' format string +sub to_filename ($) { + my $s = (split(/\n/, $_[0]))[0] // return; # empty string => undef + $s =~ s/[^A-Za-z0-9_\.]+/-/g; + $s =~ tr/././s; + $s =~ s/[\.\-]+\z//; + $s =~ s/\A[\.\-]+//; + $s eq '' ? undef : $s; +} + +# convert a filename (or any string) to HTML attribute + +my %ESCAPES = map { chr($_) => sprintf('::%02x', $_) } (0..255); +$ESCAPES{'/'} = ':'; # common + +sub to_attr ($) { + my ($str) = @_; + + # git would never do this to us: + return if index($str, '//') >= 0; + + my $first = ''; + utf8::encode($str); # to octets + if ($str =~ s/\A([^A-Ya-z])//ms) { # start with a letter + $first = sprintf('Z%02x', ord($1)); } + $str =~ s/([^A-Za-z0-9_\.\-])/$ESCAPES{$1}/egms; + utf8::decode($str); # allow wide chars + $first . $str; } +# for the t= query parameter passed to overview DB +sub ts2str ($) { strftime('%Y%m%d%H%M%S', gmtime($_[0])) }; + +# human-friendly format +sub fmt_ts ($) { strftime('%Y-%m-%d %k:%M', gmtime($_[0])) } + 1;