2 * Output an HTML message, modifying it slightly to make sure it plays nice
3 * with the rest of our web framework.
5 * Copyright (c) 2005-2012 by the citadel.org team
7 * This program is open source software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License, version 3.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
17 #include "webserver.h"
21 * Strip surrounding single or double quotes from a string.
23 void stripquotes(char *s)
32 if ( ( (s[0] == '\"') && (s[len-1] == '\"') ) || ( (s[0] == '\'') && (s[len-1] == '\'') ) ) {
40 * Check to see if a META tag has overridden the declared MIME character set.
42 * charset Character set name (left unchanged if we don't do anything)
43 * meta_http_equiv Content of the "http-equiv" portion of the META tag
44 * meta_content Content of the "content" portion of the META tag
46 void extract_charset_from_meta(char *charset, char *meta_http_equiv, char *meta_content)
52 if (!meta_http_equiv) return;
53 if (!meta_content) return;
56 if (strcasecmp(meta_http_equiv, "Content-type")) return;
58 ptr = strchr(meta_content, ';');
61 safestrncpy(buf, ++ptr, sizeof buf);
63 if (!strncasecmp(buf, "charset=", 8)) {
64 strcpy(charset, &buf[8]);
67 * The brain-damaged webmail program in Microsoft Exchange declares
68 * a charset of "unicode" when they really mean "UTF-8". GNU iconv
69 * treats "unicode" as an alias for "UTF-16" so we have to manually
70 * fix this here, otherwise messages generated in Exchange webmail
71 * show up as a big pile of weird characters.
73 if (!strcasecmp(charset, "unicode")) {
74 strcpy(charset, "UTF-8");
77 /* Remove wandering punctuation */
78 if ((ptr=strchr(charset, '\"'))) *ptr = 0;
86 * Sanitize and enhance an HTML message for display.
87 * Also convert weird character sets to UTF-8 if necessary.
88 * Also fixup img src="cid:..." type inline images to fetch the image
91 void output_html(const char *supplied_charset, int treat_as_wiki, int msgnum, StrBuf *Source, StrBuf *Target) {
97 StrBuf *converted_msg;
98 int buffer_length = 1;
100 int content_length = 0;
101 char new_window[SIZ];
105 int script_start_pos = (-1);
109 StrBuf *BodyArea = NULL;
111 iconv_t ic = (iconv_t)(-1) ;
112 char *ibuf; /* Buffer of characters to be converted */
113 char *obuf; /* Buffer for converted characters */
114 size_t ibuflen; /* Length of input buffer */
115 size_t obuflen; /* Length of output buffer */
116 char *osav; /* Saved pointer to output buffer */
121 safestrncpy(charset, supplied_charset, sizeof charset);
123 sprintf(new_window, "<a target=\"%s\" href=", TARGET);
125 if (Source == NULL) while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
126 line_length = strlen(buf);
127 buffer_length = content_length + line_length + 2;
128 ptr = realloc(msg, buffer_length);
130 StrBufAppendPrintf(Target, "<b>");
131 StrBufAppendPrintf(Target, _("realloc() error! couldn't get %d bytes: %s"),
134 StrBufAppendPrintf(Target, "</b><br><br>\n");
135 while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
142 strcpy(&msg[content_length], buf);
143 content_length += line_length;
144 strcpy(&msg[content_length], "\n");
148 content_length = StrLength(Source);
150 msg = (char*) ChrPtr(Source);/* TODO: remove cast */
151 buffer_length = content_length;
154 /** Do a first pass to isolate the message body */
157 msgend = &msg[content_length];
159 while (ptr < msgend) {
161 /** Advance to next tag */
162 ptr = strchr(ptr, '<');
163 if ((ptr == NULL) || (ptr >= msgend)) break;
165 if ((ptr == NULL) || (ptr >= msgend)) break;
168 * Look for META tags. Some messages (particularly in
169 * Asian locales) illegally declare a message's character
170 * set in the HTML instead of in the MIME headers. This
171 * is wrong but we have to work around it anyway.
173 if (!strncasecmp(ptr, "META", 4)) {
179 char *meta_http_equiv;
183 meta_start = &ptr[4];
184 meta_end = strchr(ptr, '>');
185 if ((meta_end != NULL) && (meta_end <= msgend)) {
186 meta_length = meta_end - meta_start + 1;
187 meta = malloc(meta_length + 1);
188 safestrncpy(meta, meta_start, meta_length);
189 meta[meta_length] = 0;
191 if (!strncasecmp(meta, "HTTP-EQUIV=", 11)) {
192 meta_http_equiv = strdup(&meta[11]);
193 spaceptr = strchr(meta_http_equiv, ' ');
194 if (spaceptr != NULL) {
196 meta_content = strdup(++spaceptr);
197 if (!strncasecmp(meta_content, "content=", 8)) {
198 strcpy(meta_content, &meta_content[8]);
199 stripquotes(meta_http_equiv);
200 stripquotes(meta_content);
201 extract_charset_from_meta(charset,
202 meta_http_equiv, meta_content);
206 free(meta_http_equiv);
213 * Any of these tags cause everything up to and including
214 * the tag to be removed.
216 if ( (!strncasecmp(ptr, "HTML", 4))
217 ||(!strncasecmp(ptr, "HEAD", 4))
218 ||(!strncasecmp(ptr, "/HEAD", 5))
219 ||(!strncasecmp(ptr, "BODY", 4)) ) {
222 if (!strncasecmp(ptr, "BODY", 4)) {
225 ptr = strchr(ptr, '>');
226 if ((ptr == NULL) || (ptr >= msgend)) break;
227 if ((pBody != NULL) && (ptr - pBody > 4)) {
229 char *cid_start, *cid_end;
233 while ((isspace(*pBody)) && (pBody < ptr))
235 BodyArea = NewStrBufPlain(NULL, ptr - pBody);
238 src = strstr(pBody, "cid:");
242 while ((*cid_end != '"') &&
243 !isspace(*cid_end) &&
247 /* copy tag and attributes up to src="cid: */
248 StrBufAppendBufPlain(BodyArea, pBody, src - pBody, 0);
250 /* add in /webcit/mimepart/<msgno>/CID/
251 trailing / stops dumb URL filters getting excited */
252 StrBufAppendPrintf(BodyArea,
253 "/webcit/mimepart/%d/",msgnum);
254 StrBufAppendBufPlain(BodyArea, cid_start, cid_end - cid_start, 0);
256 if (ptr - cid_end > 0)
257 StrBufAppendBufPlain(BodyArea,
262 StrBufAppendBufPlain(BodyArea, pBody, ptr - pBody, 0);
267 if ((ptr == NULL) || (ptr >= msgend)) break;
272 * Any of these tags cause everything including and following
273 * the tag to be removed.
275 if ( (!strncasecmp(ptr, "/HTML", 5))
276 ||(!strncasecmp(ptr, "/BODY", 5)) ) {
285 if (msgstart > msg) {
286 strcpy(msg, msgstart);
289 /* Now go through the message, parsing tags as necessary. */
290 converted_msg = NewStrBufPlain(NULL, content_length + 8192);
293 /** Convert foreign character sets to UTF-8 if necessary. */
295 if ( (strcasecmp(charset, "us-ascii"))
296 && (strcasecmp(charset, "UTF-8"))
297 && (strcasecmp(charset, ""))
299 syslog(LOG_DEBUG, "Converting %s to UTF-8\n", charset);
300 ctdl_iconv_open("UTF-8", charset, &ic);
301 if (ic == (iconv_t)(-1) ) {
302 syslog(LOG_WARNING, "%s:%d iconv_open() failed: %s\n",
303 __FILE__, __LINE__, strerror(errno));
306 if (Source == NULL) {
307 if (ic != (iconv_t)(-1) ) {
309 ibuflen = content_length;
310 obuflen = content_length + (content_length / 2) ;
311 obuf = (char *) malloc(obuflen);
313 iconv(ic, &ibuf, &ibuflen, &obuf, &obuflen);
314 content_length = content_length + (content_length / 2) - obuflen;
315 osav[content_length] = 0;
322 if (ic != (iconv_t)(-1) ) {
323 StrBuf *Buf = NewStrBufPlain(NULL, StrLength(Source) + 8096);;
324 StrBufConvert(Source, Buf, &ic);
327 msg = (char*)ChrPtr(Source); /* TODO: get rid of this. */
334 * At this point, the message has been stripped down to
335 * only the content inside the <BODY></BODY> tags, and has
336 * been converted to UTF-8 if it was originally in a foreign
337 * character set. The text is also guaranteed to be null
341 if (converted_msg == NULL) {
342 StrBufAppendPrintf(Target, "Error %d: %s<br>%s:%d", errno, strerror(errno), __FILE__, __LINE__);
346 if (BodyArea != NULL) {
347 StrBufAppendBufPlain(converted_msg, HKEY("<table "), 0);
348 StrBufAppendBuf(converted_msg, BodyArea, 0);
349 StrBufAppendBufPlain(converted_msg, HKEY(" width=\"100%\"><tr><td>"), 0);
352 msgend = strchr(msg, 0);
353 while (ptr < msgend) {
355 /** Try to sanitize the html of any rogue scripts */
356 if (!strncasecmp(ptr, "<script", 7)) {
357 if (scriptlevel == 0) {
358 script_start_pos = StrLength(converted_msg);
362 if (!strncasecmp(ptr, "</script", 8)) {
367 * Change mailto: links to WebCit mail, by replacing the
368 * link with one that points back to our mail room. Due to
369 * the way we parse URL's, it'll even handle mailto: links
370 * that have "?subject=" in them.
372 if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) {
373 content_length += 64;
374 StrBufAppendPrintf(converted_msg,
375 "<a href=\"display_enter?force_room=_MAIL_?recp=");
380 /** Make external links open in a separate window */
381 else if (!strncasecmp(ptr, "<a href=\"", 9)) {
384 if ( ((strchr(ptr, ':') < strchr(ptr, '/')))
385 && ((strchr(ptr, '/') < strchr(ptr, '>')))
387 /* open external links to new window */
388 StrBufAppendPrintf(converted_msg, new_window);
393 && (strncasecmp(ptr, "<a href=\"wiki?", 14))
394 && (strncasecmp(ptr, "<a href=\"dotgoto?", 17))
395 && (strncasecmp(ptr, "<a href=\"knrooms?", 17))
397 content_length += 64;
398 StrBufAppendPrintf(converted_msg, "<a href=\"wiki?go=");
399 StrBufUrlescAppend(converted_msg, WC->CurRoom.name, NULL);
400 StrBufAppendPrintf(converted_msg, "?page=");
404 StrBufAppendPrintf(converted_msg, "<a href=\"");
408 /** Fixup <img src="cid:... ...> to fetch the mime part */
409 else if (!strncasecmp(ptr, "<img ", 5)) {
410 char *cid_start, *cid_end;
411 char* tag_end=strchr(ptr,'>');
413 /* FIXME - handle this situation (maybe someone opened an <img cid...
414 * and then ended the message)
417 syslog(LOG_DEBUG, "tag_end is null and ptr is:\n");
418 syslog(LOG_DEBUG, "%s\n", ptr);
419 syslog(LOG_DEBUG, "Theoretical bytes remaining: %d\n", (int)(msgend - ptr));
422 src=strstr(ptr, "src=\"cid:");
428 && (cid_start=strchr(src,':'))
429 && (cid_end=strchr(cid_start,'"'))
430 && (cid_end < tag_end)
432 /* copy tag and attributes up to src="cid: */
433 StrBufAppendBufPlain(converted_msg, ptr, src - ptr, 0);
436 /* add in /webcit/mimepart/<msgno>/CID/
437 trailing / stops dumb URL filters getting excited */
438 StrBufAppendPrintf(converted_msg,
439 " src=\"/webcit/mimepart/%d/",msgnum);
440 StrBufAppendBufPlain(converted_msg, cid_start, cid_end - cid_start, 0);
441 StrBufAppendBufPlain(converted_msg, "/\"", -1, 0);
445 StrBufAppendBufPlain(converted_msg, ptr, tag_end - ptr, 0);
450 * Turn anything that looks like a URL into a real link, as long
451 * as it's not inside a tag already
453 else if ( (brak == 0) && (alevel == 0)
454 && (!strncasecmp(ptr, "http://", 7))) {
455 /** Find the end of the link */
459 strlenptr = strlen(ptr);
460 for (i=0; i<=strlenptr; ++i) {
474 /* did s.b. send us an entity? */
476 if ((ptr[i+2] ==';') ||
483 if (linklen > 0) break;
492 linkedchar = ptr[len];
494 /* spot for some subject strings tinymce tends to give us. */
495 ltreviewptr = strchr(ptr, '<');
496 if (ltreviewptr != NULL) {
498 linklen = ltreviewptr - ptr;
501 nbspreviewptr = strstr(ptr, " ");
502 if (nbspreviewptr != NULL) {
503 /* nbspreviewptr = '\0'; */
504 linklen = nbspreviewptr - ptr;
506 if (ltreviewptr != 0)
509 ptr[len] = linkedchar;
511 content_length += (32 + linklen);
512 StrBufAppendPrintf(converted_msg, "%s\"", new_window);
513 StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
514 StrBufAppendPrintf(converted_msg, "\">");
515 StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
517 StrBufAppendPrintf(converted_msg, "</A>");
521 StrBufAppendBufPlain(converted_msg, ptr, 1, 0);
526 if ((ptr >= msg) && (ptr <= msgend)) {
528 * We need to know when we're inside a tag,
529 * so we don't turn things that look like URL's into
530 * links, when they're already links - or image sources.
532 if ((ptr > msg) && (*(ptr-1) == '<')) {
535 if ((ptr > msg) && (*(ptr-1) == '>')) {
537 if ((scriptlevel == 0) && (script_start_pos >= 0)) {
538 StrBufCutRight(converted_msg, StrLength(converted_msg) - script_start_pos);
539 script_start_pos = (-1);
542 if (!strncasecmp(ptr, "</A>", 3)) --alevel;
546 if (BodyArea != NULL) {
547 StrBufAppendBufPlain(converted_msg, HKEY("</td></tr></table>"), 0);
548 FreeStrBuf(&BodyArea);
551 /** uncomment these two lines to override conversion */
552 /** memcpy(converted_msg, msg, content_length); */
553 /** output_length = content_length; */
555 /** Output our big pile of markup */
556 StrBufAppendBuf(Target, converted_msg, 0);
558 BAIL: /** A little trailing vertical whitespace... */
559 StrBufAppendPrintf(Target, "<br><br>\n");
561 /** Now give back the memory */
562 FreeStrBuf(&converted_msg);
563 if ((msg != NULL) && (Source == NULL)) free(msg);
572 * Look for URL's embedded in a buffer and make them linkable. We use a
573 * target window in order to keep the Citadel session in its own window.
575 void UrlizeText(StrBuf* Target, StrBuf *Source, StrBuf *WrkBuf)
577 int len, UrlLen, Offset, TrailerLen;
578 const char *start, *end, *pos;
583 len = StrLength(Source);
584 end = ChrPtr(Source) + len;
585 for (pos = ChrPtr(Source); (pos < end) && (start == NULL); ++pos) {
586 if (!strncasecmp(pos, "http://", 7))
588 else if (!strncasecmp(pos, "ftp://", 6))
593 StrBufAppendBuf(Target, Source, 0);
598 for (pos = ChrPtr(Source) + len; pos > start; --pos) {
599 if ( (!isprint(*pos))
618 UrlLen = end - start;
619 StrBufAppendBufPlain(WrkBuf, start, UrlLen, 0);
621 Offset = start - ChrPtr(Source);
623 StrBufAppendBufPlain(Target, ChrPtr(Source), Offset, 0);
624 StrBufAppendPrintf(Target, "%ca href=%c%s%c TARGET=%c%s%c%c%s%c/A%c",
625 LB, QU, ChrPtr(WrkBuf), QU, QU, TARGET,
626 QU, RB, ChrPtr(WrkBuf), LB, RB);
628 TrailerLen = StrLength(Source) - (end - ChrPtr(Source));
630 StrBufAppendBufPlain(Target, end, TrailerLen, 0);
634 void url(char *buf, size_t bufsize)
636 int len, UrlLen, Offset, TrailerLen, outpos;
637 char *start, *end, *pos;
644 syslog(LOG_WARNING, "URL: content longer than buffer!");
648 for (pos = buf; (pos < end) && (start == NULL); ++pos) {
649 if (!strncasecmp(pos, "http://", 7))
651 if (!strncasecmp(pos, "ftp://", 6))
658 for (pos = buf+len; pos > start; --pos) {
659 if ( (!isprint(*pos))
678 UrlLen = end - start;
679 if (UrlLen > sizeof(urlbuf)){
680 syslog(LOG_WARNING, "URL: content longer than buffer!");
683 memcpy(urlbuf, start, UrlLen);
684 urlbuf[UrlLen] = '\0';
686 Offset = start - buf;
687 if ((Offset != 0) && (Offset < sizeof(outbuf)))
688 memcpy(outbuf, buf, Offset);
689 outpos = snprintf(&outbuf[Offset], sizeof(outbuf) - Offset,
690 "%ca href=%c%s%c TARGET=%c%s%c%c%s%c/A%c",
691 LB, QU, urlbuf, QU, QU, TARGET, QU, RB, urlbuf, LB, RB);
692 if (outpos >= sizeof(outbuf) - Offset) {
693 syslog(LOG_WARNING, "URL: content longer than buffer!");
697 TrailerLen = len - (end - start);
699 memcpy(outbuf + Offset + outpos, end, TrailerLen);
700 if (Offset + outpos + TrailerLen > bufsize) {
701 syslog(LOG_WARNING, "URL: content longer than buffer!");
704 memcpy (buf, outbuf, Offset + outpos + TrailerLen);
705 *(buf + Offset + outpos + TrailerLen) = '\0';