X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FHval.pm;h=39256ee01e0380bdfafd8c655265a82ceb796100;hb=c242a28351d3a9a39224d35031d71afc02993c7a;hp=0e199025adcec36d72d55e139900e1bf03f26edc;hpb=24a309bd1221a24ac673ece463f765f7a92921ff;p=public-inbox.git
diff --git a/lib/PublicInbox/Hval.pm b/lib/PublicInbox/Hval.pm
index 0e199025..39256ee0 100644
--- a/lib/PublicInbox/Hval.pm
+++ b/lib/PublicInbox/Hval.pm
@@ -1,5 +1,5 @@
-# Copyright (C) 2014-2015 all contributors
-# License: AGPLv3 or later (https://www.gnu.org/licenses/agpl-3.0.txt)
+# Copyright (C) 2014-2019 all contributors
+# License: AGPL-3.0+
#
# represents a header value in various forms. Used for HTML generation
# in our web interface(s)
@@ -9,15 +9,13 @@ use warnings;
use Encode qw(find_encoding);
use PublicInbox::MID qw/mid_clean mid_escape/;
use base qw/Exporter/;
-our @EXPORT_OK = qw/ascii_html obfuscate_addrs to_filename/;
-
-# for user-generated content (UGC) which may have excessively long lines
-# and screw up rendering on some browsers. This is the only CSS style
-# feature we use.
-use constant STYLE => '';
-
+our @EXPORT_OK = qw/ascii_html obfuscate_addrs to_filename src_escape
+ to_attr from_attr prurl/;
my $enc_ascii = find_encoding('us-ascii');
+# safe-ish acceptable filename pattern for portability
+our $FN = '[a-zA-Z0-9][a-zA-Z0-9_\-\.]+[a-zA-Z0-9]'; # needs \z anchor
+
sub new {
my ($class, $raw, $href) = @_;
@@ -34,13 +32,20 @@ sub new_msgid {
$class->new($msgid, mid_escape($msgid));
}
-sub new_oneline {
- my ($class, $raw) = @_;
- $raw = '' unless defined $raw;
- $raw =~ tr/\t\n / /s; # squeeze spaces
- $raw =~ tr/\r//d; # kill CR
- $class->new($raw);
-}
+# some of these overrides are standard C escapes so they're
+# easy-to-understand when rendered.
+my %escape_sequence = (
+ "\x00" => '\\0', # NUL
+ "\x07" => '\\a', # bell
+ "\x08" => '\\b', # backspace
+ "\x09" => "\t", # obvious to show as-is
+ "\x0a" => "\n", # obvious to show as-is
+ "\x0b" => '\\v', # vertical tab
+ "\x0c" => '\\f', # form feed
+ "\x0d" => '\\r', # carriage ret (not preceding \n)
+ "\x1b" => '^[', # ASCII escape (mutt seems to escape this way)
+ "\x7f" => '\\x7f', # DEL
+);
my %xhtml_map = (
'"' => '"',
@@ -51,18 +56,16 @@ my %xhtml_map = (
);
$xhtml_map{chr($_)} = sprintf('\\x%02x', $_) for (0..31);
-# some of these overrides are standard C escapes so they're
-# easy-to-understand when rendered.
-$xhtml_map{"\x00"} = '\\0'; # NUL
-$xhtml_map{"\x07"} = '\\a'; # bell
-$xhtml_map{"\x08"} = '\\b'; # backspace
-$xhtml_map{"\x09"} = "\t"; # obvious to show as-is
-$xhtml_map{"\x0a"} = "\n"; # obvious to show as-is
-$xhtml_map{"\x0b"} = '\\v'; # vertical tab
-$xhtml_map{"\x0c"} = '\\f'; # form feed
-$xhtml_map{"\x0d"} = '\\r'; # carriage ret (not preceding \n)
-$xhtml_map{"\x1b"} = '^['; # ASCII escape (mutt seems to escape this way)
-$xhtml_map{"\x7f"} = '\\x7f'; # DEL
+%xhtml_map = (%xhtml_map, %escape_sequence);
+
+# for post-processing the output of highlight.pm and perhaps other
+# highlighers in the future
+sub src_escape ($) {
+ $_[0] =~ s/\r\n/\n/sg;
+ $_[0] =~ s/'/'/sg; # workaround https://bugs.debian.org/927409
+ $_[0] =~ s/([\x7f\x00-\x1f])/$xhtml_map{$1}/sge;
+ $_[0] = $enc_ascii->encode($_[0], Encode::HTMLCREF);
+}
sub ascii_html {
my ($s) = @_;
@@ -81,8 +84,15 @@ sub raw {
}
}
-sub prurl {
+# returns a protocol-relative URL string
+sub prurl ($$) {
my ($env, $u) = @_;
+ if (ref($u) eq 'ARRAY') {
+ my $h = $env->{HTTP_HOST} // $env->{SERVER_NAME};
+ my @host_match = grep(/\b\Q$h\E\b/, @$u);
+ $u = $host_match[0] // $u->[0];
+ # fall through to below:
+ }
index($u, '//') == 0 ? "$env->{'psgi.url_scheme'}:$u" : $u;
}
@@ -91,8 +101,9 @@ sub prurl {
# ․ · and ͺ were also candidates:
# https://public-inbox.org/meta/20170615015250.GA6484@starla/
# However, • was chosen to make copy+paste errors more obvious
-sub obfuscate_addrs ($$) {
+sub obfuscate_addrs ($$;$) {
my $ibx = $_[0];
+ my $repl = $_[2] || '•';
my $re = $ibx->{-no_obfuscate_re}; # regex of domains
my $addrs = $ibx->{-no_obfuscate}; # { adddress => 1 }
$_[1] =~ s/(([\w\.\+=\-]+)\@([\w\-]+\.[\w\.\-]+))/
@@ -100,7 +111,7 @@ sub obfuscate_addrs ($$) {
if ($addrs->{$addr} || ((defined $re && $domain =~ $re))) {
$addr;
} else {
- $domain =~ s!([^\.]+)\.!$1•!;
+ $domain =~ s!([^\.]+)\.!$1$repl!;
$user . '@' . $domain
}
/sge;
@@ -116,4 +127,38 @@ sub to_filename ($) {
$s
}
+# convert a filename (or any string) to HTML attribute
+
+my %ESCAPES = map { chr($_) => sprintf('::%02x', $_) } (0..255);
+$ESCAPES{'/'} = ':'; # common
+
+sub to_attr ($) {
+ my ($str) = @_;
+
+ # git would never do this to us:
+ return if index($str, '//') >= 0;
+
+ my $first = '';
+ utf8::encode($str); # to octets
+ if ($str =~ s/\A([^A-Ya-z])//ms) { # start with a letter
+ $first = sprintf('Z%02x', ord($1));
+ }
+ $str =~ s/([^A-Za-z0-9_\.\-])/$ESCAPES{$1}/egms;
+ utf8::decode($str); # allow wide chars
+ $first . $str;
+}
+
+# reverse the result of to_attr
+sub from_attr ($) {
+ my ($str) = @_;
+ my $first = '';
+ if ($str =~ s/\AZ([a-f0-9]{2})//ms) {
+ $first = chr(hex($1));
+ }
+ $str =~ s!::([a-f0-9]{2})!chr(hex($1))!egms;
+ $str =~ tr!:!/!;
+ utf8::decode($str);
+ $first . $str;
+}
+
1;