5 * \defgroup HTML2HTML Output an HTML message, modifying it slightly to make sure it plays nice
6 * with the rest of our web framework.
7 * \ingroup WebcitHttpServer
11 #include "webserver.h"
15 * \brief Strip surrounding single or double quotes from a string.
17 * \param s String to be stripped.
19 void stripquotes(char *s)
28 if ( ( (s[0] == '\"') && (s[len-1] == '\"') ) || ( (s[0] == '\'') && (s[len-1] == '\'') ) ) {
36 * \brief Check to see if a META tag has overridden the declared MIME character set.
38 * \param charset Character set name (left unchanged if we don't do anything)
39 * \param meta_http_equiv Content of the "http-equiv" portion of the META tag
40 * \param meta_content Content of the "content" portion of the META tag
42 void extract_charset_from_meta(char *charset, char *meta_http_equiv, char *meta_content)
48 if (!meta_http_equiv) return;
49 if (!meta_content) return;
52 if (strcasecmp(meta_http_equiv, "Content-type")) return;
54 ptr = strchr(meta_content, ';');
57 safestrncpy(buf, ++ptr, sizeof buf);
59 if (!strncasecmp(buf, "charset=", 8)) {
60 strcpy(charset, &buf[8]);
63 * The brain-damaged webmail program in Microsoft Exchange declares
64 * a charset of "unicode" when they really mean "UTF-8". GNU iconv
65 * treats "unicode" as an alias for "UTF-16" so we have to manually
66 * fix this here, otherwise messages generated in Exchange webmail
67 * show up as a big pile of weird characters.
69 if (!strcasecmp(charset, "unicode")) {
70 strcpy(charset, "UTF-8");
79 * \brief Sanitize and enhance an HTML message for display.
80 * Also convert weird character sets to UTF-8 if necessary.
81 * Also fixup img src="cid:..." type inline images to fetch the image
83 * \param supplied_charset the input charset as declared in the MIME headers
85 void output_html(const char *supplied_charset, int treat_as_wiki, int msgnum, StrBuf *Source, StrBuf *Target) {
91 StrBuf *converted_msg;
92 int buffer_length = 1;
94 int content_length = 0;
99 int script_start_pos = (-1);
105 iconv_t ic = (iconv_t)(-1) ;
106 char *ibuf; /**< Buffer of characters to be converted */
107 char *obuf; /**< Buffer for converted characters */
108 size_t ibuflen; /**< Length of input buffer */
109 size_t obuflen; /**< Length of output buffer */
110 char *osav; /**< Saved pointer to output buffer */
115 safestrncpy(charset, supplied_charset, sizeof charset);
117 sprintf(new_window, "<a target=\"%s\" href=", TARGET);
119 if (Source == NULL) while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
120 line_length = strlen(buf);
121 buffer_length = content_length + line_length + 2;
122 ptr = realloc(msg, buffer_length);
124 StrBufAppendPrintf(Target, "<b>");
125 StrBufAppendPrintf(Target, _("realloc() error! couldn't get %d bytes: %s"),
128 StrBufAppendPrintf(Target, "</b><br /><br />\n");
129 while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
136 strcpy(&msg[content_length], buf);
137 content_length += line_length;
138 strcpy(&msg[content_length], "\n");
142 content_length = StrLength(Source);
144 msg = (char*) ChrPtr(Source);/* TODO: remove cast */
145 buffer_length = content_length;
148 /** Do a first pass to isolate the message body */
151 msgend = &msg[content_length];
153 while (ptr < msgend) {
155 /** Advance to next tag */
156 ptr = strchr(ptr, '<');
157 if ((ptr == NULL) || (ptr >= msgend)) break;
159 if ((ptr == NULL) || (ptr >= msgend)) break;
162 * Look for META tags. Some messages (particularly in
163 * Asian locales) illegally declare a message's character
164 * set in the HTML instead of in the MIME headers. This
165 * is wrong but we have to work around it anyway.
167 if (!strncasecmp(ptr, "META", 4)) {
173 char *meta_http_equiv;
177 meta_start = &ptr[4];
178 meta_end = strchr(ptr, '>');
179 if ((meta_end != NULL) && (meta_end <= msgend)) {
180 meta_length = meta_end - meta_start + 1;
181 meta = malloc(meta_length + 1);
182 safestrncpy(meta, meta_start, meta_length);
183 meta[meta_length] = 0;
185 if (!strncasecmp(meta, "HTTP-EQUIV=", 11)) {
186 meta_http_equiv = strdup(&meta[11]);
187 spaceptr = strchr(meta_http_equiv, ' ');
188 if (spaceptr != NULL) {
190 meta_content = strdup(++spaceptr);
191 if (!strncasecmp(meta_content, "content=", 8)) {
192 strcpy(meta_content, &meta_content[8]);
193 stripquotes(meta_http_equiv);
194 stripquotes(meta_content);
195 extract_charset_from_meta(charset,
196 meta_http_equiv, meta_content);
200 free(meta_http_equiv);
207 * Any of these tags cause everything up to and including
208 * the tag to be removed.
210 if ( (!strncasecmp(ptr, "HTML", 4))
211 ||(!strncasecmp(ptr, "HEAD", 4))
212 ||(!strncasecmp(ptr, "/HEAD", 5))
213 ||(!strncasecmp(ptr, "BODY", 4)) ) {
216 if (!strncasecmp(ptr, "BODY", 4)) {
219 ptr = strchr(ptr, '>');
220 if ((ptr == NULL) || (ptr >= msgend)) break;
221 if ((pBody != NULL) && (ptr - pBody > 4)) {
223 char *cid_start, *cid_end;
227 while ((isspace(*pBody)) && (pBody < ptr))
229 BodyArea = NewStrBufPlain(NULL, ptr - pBody);
232 src = strstr(pBody, "cid:");
236 while ((*cid_end != '"') &&
237 !isspace(*cid_end) &&
241 /* copy tag and attributes up to src="cid: */
242 StrBufAppendBufPlain(BodyArea, pBody, src - pBody, 0);
244 /* add in /webcit/mimepart/<msgno>/CID/
245 trailing / stops dumb URL filters getting excited */
246 StrBufAppendPrintf(BodyArea,
247 "/webcit/mimepart/%d/",msgnum);
248 StrBufAppendBufPlain(BodyArea, cid_start, cid_end - cid_start, 0);
250 if (ptr - cid_end > 0)
251 StrBufAppendBufPlain(BodyArea,
256 StrBufAppendBufPlain(BodyArea, pBody, ptr - pBody, 0);
261 if ((ptr == NULL) || (ptr >= msgend)) break;
266 * Any of these tags cause everything including and following
267 * the tag to be removed.
269 if ( (!strncasecmp(ptr, "/HTML", 5))
270 ||(!strncasecmp(ptr, "/BODY", 5)) ) {
279 if (msgstart > msg) {
280 strcpy(msg, msgstart);
283 /** Now go through the message, parsing tags as necessary. */
284 converted_msg = NewStrBufPlain(NULL, content_length + 8192);
287 /** Convert foreign character sets to UTF-8 if necessary. */
289 if ( (strcasecmp(charset, "us-ascii"))
290 && (strcasecmp(charset, "UTF-8"))
291 && (strcasecmp(charset, ""))
293 lprintf(9, "Converting %s to UTF-8\n", charset);
294 ctdl_iconv_open("UTF-8", charset, &ic);
295 if (ic == (iconv_t)(-1) ) {
296 lprintf(5, "%s:%d iconv_open() failed: %s\n",
297 __FILE__, __LINE__, strerror(errno));
300 if (Source == NULL) {
301 if (ic != (iconv_t)(-1) ) {
303 ibuflen = content_length;
304 obuflen = content_length + (content_length / 2) ;
305 obuf = (char *) malloc(obuflen);
307 iconv(ic, &ibuf, &ibuflen, &obuf, &obuflen);
308 content_length = content_length + (content_length / 2) - obuflen;
309 osav[content_length] = 0;
316 if (ic != (iconv_t)(-1) ) {
317 StrBuf *Buf = NewStrBufPlain(NULL, StrLength(Source) + 8096);;
318 StrBufConvert(Source, Buf, &ic);
321 msg = (char*)ChrPtr(Source); /* TODO: get rid of this. */
328 * At this point, the message has been stripped down to
329 * only the content inside the <BODY></BODY> tags, and has
330 * been converted to UTF-8 if it was originally in a foreign
331 * character set. The text is also guaranteed to be null
335 if (converted_msg == NULL) {
336 StrBufAppendPrintf(Target, "Error %d: %s<br />%s:%d", errno, strerror(errno), __FILE__, __LINE__);
340 if (BodyArea != NULL) {
341 StrBufAppendBufPlain(converted_msg, HKEY("<table "), 0);
342 StrBufAppendBuf(converted_msg, BodyArea, 0);
343 StrBufAppendBufPlain(converted_msg, HKEY(" width=\"100%\"><tr><td>"), 0);
346 msgend = strchr(msg, 0);
347 while (ptr < msgend) {
349 /** Try to sanitize the html of any rogue scripts */
350 if (!strncasecmp(ptr, "<script", 7)) {
351 if (scriptlevel == 0) {
352 script_start_pos = StrLength(converted_msg);
356 if (!strncasecmp(ptr, "</script", 8)) {
361 * Change mailto: links to WebCit mail, by replacing the
362 * link with one that points back to our mail room. Due to
363 * the way we parse URL's, it'll even handle mailto: links
364 * that have "?subject=" in them.
366 if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) {
367 content_length += 64;
368 StrBufAppendPrintf(converted_msg,
369 "<a href=\"display_enter?force_room=_MAIL_&recp=");
374 /** Make external links open in a separate window */
375 else if (!strncasecmp(ptr, "<a href=\"", 9)) {
378 if ( ((strchr(ptr, ':') < strchr(ptr, '/')))
379 && ((strchr(ptr, '/') < strchr(ptr, '>')))
381 /* open external links to new window */
382 StrBufAppendPrintf(converted_msg, new_window);
385 else if ( (treat_as_wiki) && (strncasecmp(ptr, "<a href=\"wiki?", 14)) ) {
386 content_length += 64;
387 StrBufAppendPrintf(converted_msg, "<a href=\"wiki?page=");
391 StrBufAppendPrintf(converted_msg, "<a href=\"");
395 /** Fixup <img src="cid:... ...> to fetch the mime part */
396 else if (!strncasecmp(ptr, "<img ", 5)) {
397 char* tag_end=strchr(ptr,'>');
398 char* src=strstr(ptr, " src=\"cid:");
399 char *cid_start, *cid_end;
403 (cid_start=strchr(src,':')) &&
404 (cid_end=strchr(cid_start,'"')) &&
405 (cid_end < tag_end)) {
407 /* copy tag and attributes up to src="cid: */
408 StrBufAppendBufPlain(converted_msg, ptr, src - ptr, 0);
411 /* add in /webcit/mimepart/<msgno>/CID/
412 trailing / stops dumb URL filters getting excited */
413 StrBufAppendPrintf(converted_msg,
414 "src=\"/webcit/mimepart/%d/",msgnum);
415 StrBufAppendBufPlain(converted_msg, cid_start, cid_end - cid_start, 0);
416 StrBufAppendBufPlain(converted_msg, "/\"", -1, 0);
420 StrBufAppendBufPlain(converted_msg, ptr, tag_end - ptr, 0);
425 * Turn anything that looks like a URL into a real link, as long
426 * as it's not inside a tag already
428 else if ( (brak == 0) && (alevel == 0)
429 && (!strncasecmp(ptr, "http://", 7))) {
430 /** Find the end of the link */
434 strlenptr = strlen(ptr);
435 for (i=0; i<=strlenptr; ++i) {
449 /* did s.b. send us an entity? */
451 if ((ptr[i+2] ==';') ||
458 if (linklen > 0) break;
467 linkedchar = ptr[len];
469 /* spot for some subject strings tinymce tends to give us. */
470 ltreviewptr = strchr(ptr, '<');
471 if (ltreviewptr != NULL) {
473 linklen = ltreviewptr - ptr;
476 nbspreviewptr = strstr(ptr, " ");
477 if (nbspreviewptr != NULL) {
478 /* nbspreviewptr = '\0'; */
479 linklen = nbspreviewptr - ptr;
481 if (ltreviewptr != 0)
484 ptr[len] = linkedchar;
486 content_length += (32 + linklen);
487 StrBufAppendPrintf(converted_msg, "%s\"", new_window);
488 StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
489 StrBufAppendPrintf(converted_msg, "\">");
490 StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
492 StrBufAppendPrintf(converted_msg, "</A>");
496 StrBufAppendBufPlain(converted_msg, ptr, 1, 0);
501 * We need to know when we're inside a tag,
502 * so we don't turn things that look like URL's into
503 * links, when they're already links - or image sources.
505 if (*(ptr-1) == '<') {
508 if (*(ptr-1) == '>') {
510 if ((scriptlevel == 0) && (script_start_pos >= 0)) {
511 StrBufCutRight(converted_msg, StrLength(converted_msg) - script_start_pos);
512 script_start_pos = (-1);
515 if (!strncasecmp(ptr, "</A>", 3)) --alevel;
517 if (BodyArea != NULL) {
518 StrBufAppendBufPlain(converted_msg, HKEY("</td></tr></table>"), 0);
519 FreeStrBuf(&BodyArea);
522 /** uncomment these two lines to override conversion */
523 /** memcpy(converted_msg, msg, content_length); */
524 /** output_length = content_length; */
526 /** Output our big pile of markup */
527 StrBufAppendBuf(Target, converted_msg, 0);
529 BAIL: /** A little trailing vertical whitespace... */
530 StrBufAppendPrintf(Target, "<br /><br />\n");
532 /** Now give back the memory */
533 FreeStrBuf(&converted_msg);
534 if ((msg != NULL) && (Source == NULL)) free(msg);
543 * Look for URL's embedded in a buffer and make them linkable. We use a
544 * target window in order to keep the Citadel session in its own window.
546 void UrlizeText(StrBuf* Target, StrBuf *Source, StrBuf *WrkBuf)
548 int len, UrlLen, Offset, TrailerLen;
549 const char *start, *end, *pos;
554 len = StrLength(Source);
555 end = ChrPtr(Source) + len;
556 for (pos = ChrPtr(Source); (pos < end) && (start == NULL); ++pos) {
557 if (!strncasecmp(pos, "http://", 7))
559 else if (!strncasecmp(pos, "ftp://", 6))
564 StrBufAppendBuf(Target, Source, 0);
569 for (pos = ChrPtr(Source) + len; pos > start; --pos) {
570 if ( (!isprint(*pos))
589 UrlLen = end - start;
590 StrBufAppendBufPlain(WrkBuf, start, UrlLen, 0);
592 Offset = start - ChrPtr(Source);
594 StrBufAppendBufPlain(Target, ChrPtr(Source), Offset, 0);
595 StrBufAppendPrintf(Target, "%ca href=%c%s%c TARGET=%c%s%c%c%s%c/A%c",
596 LB, QU, ChrPtr(WrkBuf), QU, QU, TARGET,
597 QU, RB, ChrPtr(WrkBuf), LB, RB);
599 TrailerLen = StrLength(Source) - (end - ChrPtr(Source));
601 StrBufAppendBufPlain(Target, end, TrailerLen, 0);
603 void url(char *buf, size_t bufsize)
605 int len, UrlLen, Offset, TrailerLen, outpos;
606 char *start, *end, *pos;
613 lprintf(1, "URL: content longer than buffer!");
617 for (pos = buf; (pos < end) && (start == NULL); ++pos) {
618 if (!strncasecmp(pos, "http://", 7))
620 if (!strncasecmp(pos, "ftp://", 6))
627 for (pos = buf+len; pos > start; --pos) {
628 if ( (!isprint(*pos))
647 UrlLen = end - start;
648 if (UrlLen > sizeof(urlbuf)){
649 lprintf(1, "URL: content longer than buffer!");
652 memcpy(urlbuf, start, UrlLen);
653 urlbuf[UrlLen] = '\0';
655 Offset = start - buf;
656 if ((Offset != 0) && (Offset < sizeof(outbuf)))
657 memcpy(outbuf, buf, Offset);
658 outpos = snprintf(&outbuf[Offset], sizeof(outbuf) - Offset,
659 "%ca href=%c%s%c TARGET=%c%s%c%c%s%c/A%c",
660 LB, QU, urlbuf, QU, QU, TARGET, QU, RB, urlbuf, LB, RB);
661 if (outpos >= sizeof(outbuf) - Offset) {
662 lprintf(1, "URL: content longer than buffer!");
666 TrailerLen = len - (end - start);
668 memcpy(outbuf + Offset + outpos, end, TrailerLen);
669 if (Offset + outpos + TrailerLen > bufsize) {
670 lprintf(1, "URL: content longer than buffer!");
673 memcpy (buf, outbuf, Offset + outpos + TrailerLen);
674 *(buf + Offset + outpos + TrailerLen) = '\0';