1 # Copyright (C) 2014-2020 all contributors <meta@public-inbox.org>
2 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
4 # represents a header value in various forms. Used for HTML generation
5 # in our web interface(s)
6 package PublicInbox::Hval;
9 use Encode qw(find_encoding);
10 use PublicInbox::MID qw/mid_clean mid_escape/;
11 use base qw/Exporter/;
12 our @EXPORT_OK = qw/ascii_html obfuscate_addrs to_filename src_escape
13 to_attr prurl mid_href/;
14 my $enc_ascii = find_encoding('us-ascii');
16 # safe-ish acceptable filename pattern for portability
17 our $FN = '[a-zA-Z0-9][a-zA-Z0-9_\-\.]+[a-zA-Z0-9]'; # needs \z anchor
19 sub mid_href { ascii_html(mid_escape($_[0])) }
21 # some of these overrides are standard C escapes so they're
22 # easy-to-understand when rendered.
23 my %escape_sequence = (
24 "\x00" => '\\0', # NUL
25 "\x07" => '\\a', # bell
26 "\x08" => '\\b', # backspace
27 "\x09" => "\t", # obvious to show as-is
28 "\x0a" => "\n", # obvious to show as-is
29 "\x0b" => '\\v', # vertical tab
30 "\x0c" => '\\f', # form feed
31 "\x0d" => '\\r', # carriage ret (not preceding \n)
32 "\x1b" => '^[', # ASCII escape (mutt seems to escape this way)
33 "\x7f" => '\\x7f', # DEL
44 $xhtml_map{chr($_)} = sprintf('\\x%02x', $_) for (0..31);
45 %xhtml_map = (%xhtml_map, %escape_sequence);
47 # for post-processing the output of highlight.pm and perhaps other
48 # highlighers in the future
50 $_[0] =~ s/\r\n/\n/sg;
51 $_[0] =~ s/'/'/sg; # workaround https://bugs.debian.org/927409
52 $_[0] =~ s/([\x7f\x00-\x1f])/$xhtml_map{$1}/sge;
53 $_[0] = $enc_ascii->encode($_[0], Encode::HTMLCREF);
58 $s =~ s/([<>&'"\x7f\x00-\x1f])/$xhtml_map{$1}/sge;
59 $enc_ascii->encode($s, Encode::HTMLCREF);
62 # returns a protocol-relative URL string
65 if (ref($u) eq 'ARRAY') {
66 my $h = $env->{HTTP_HOST} // $env->{SERVER_NAME};
67 my @host_match = grep(/\b\Q$h\E\b/, @$u);
68 $u = $host_match[0] // $u->[0];
69 # fall through to below:
71 index($u, '//') == 0 ? "$env->{'psgi.url_scheme'}:$u" : $u;
74 # for misguided people who believe in this stuff, give them a
75 # substitution for '.'
76 # ․ · and ͺ were also candidates:
77 # https://public-inbox.org/meta/20170615015250.GA6484@starla/
78 # However, • was chosen to make copy+paste errors more obvious
79 sub obfuscate_addrs ($$;$) {
81 my $repl = $_[2] // '•';
82 my $re = $ibx->{-no_obfuscate_re}; # regex of domains
83 my $addrs = $ibx->{-no_obfuscate}; # { adddress => 1 }
84 $_[1] =~ s/(([\w\.\+=\-]+)\@([\w\-]+\.[\w\.\-]+))/
85 my ($addr, $user, $domain) = ($1, $2, $3);
86 if ($addrs->{$addr} || ((defined $re && $domain =~ $re))) {
89 $domain =~ s!([^\.]+)\.!$1$repl!;
95 # like format_sanitized_subject in git.git pretty.c with '%f' format string
97 my ($s, undef) = split(/\n/, $_[0]);
98 $s =~ s/[^A-Za-z0-9_\.]+/-/g;
105 # convert a filename (or any string) to HTML attribute
107 my %ESCAPES = map { chr($_) => sprintf('::%02x', $_) } (0..255);
108 $ESCAPES{'/'} = ':'; # common
113 # git would never do this to us:
114 return if index($str, '//') >= 0;
117 utf8::encode($str); # to octets
118 if ($str =~ s/\A([^A-Ya-z])//ms) { # start with a letter
119 $first = sprintf('Z%02x', ord($1));
121 $str =~ s/([^A-Za-z0-9_\.\-])/$ESCAPES{$1}/egms;
122 utf8::decode($str); # allow wide chars