/*
* $Id$
- *
- * Output an HTML message, modifying it slightly to make sure it plays nice
+ */
+/**
+ * \defgroup HTML2HTML Output an HTML message, modifying it slightly to make sure it plays nice
* with the rest of our web framework.
- *
+ * \ingroup WebcitHttpServer
*/
-
-#include <ctype.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <fcntl.h>
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/socket.h>
-#include <limits.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <string.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <pthread.h>
-#include <signal.h>
+/*@{*/
#include "webcit.h"
-#include "vcard.h"
#include "webserver.h"
-/*
+/**
+ * \brief Strip surrounding single or double quotes from a string.
+ *
+ * \param s String to be stripped.
+ */
+void stripquotes(char *s)
+{
+ int len;
+
+ if (!s) return;
+
+ len = strlen(s);
+ if (len < 2) return;
+
+ if ( ( (s[0] == '\"') && (s[len-1] == '\"') ) || ( (s[0] == '\'') && (s[len-1] == '\'') ) ) {
+ s[len-1] = 0;
+ strcpy(s, &s[1]);
+ }
+}
+
+
+/**
+ * \brief Check to see if a META tag has overridden the declared MIME character set.
+ *
+ * \param charset Character set name (left unchanged if we don't do anything)
+ * \param meta_http_equiv Content of the "http-equiv" portion of the META tag
+ * \param meta_content Content of the "content" portion of the META tag
*/
-void output_html(void) {
+void extract_charset_from_meta(char *charset, char *meta_http_equiv, char *meta_content)
+{
+ char *ptr;
+ char buf[64];
+
+ if (!charset) return;
+ if (!meta_http_equiv) return;
+ if (!meta_content) return;
+
+
+ if (strcasecmp(meta_http_equiv, "Content-type")) return;
+
+ ptr = strchr(meta_content, ';');
+ if (!ptr) return;
+
+ safestrncpy(buf, ++ptr, sizeof buf);
+ striplt(buf);
+ if (!strncasecmp(buf, "charset=", 8)) {
+ strcpy(charset, &buf[8]);
+
+ /*
+ * The brain-damaged webmail program in Microsoft Exchange declares
+ * a charset of "unicode" when they really mean "UTF-8". GNU iconv
+ * treats "unicode" as an alias for "UTF-16" so we have to manually
+ * fix this here, otherwise messages generated in Exchange webmail
+ * show up as a big pile of weird characters.
+ */
+ if (!strcasecmp(charset, "unicode")) {
+ strcpy(charset, "UTF-8");
+ }
+
+ }
+}
+
+
+
+/**
+ * \brief Sanitize and enhance an HTML message for display.
+ * Also convert weird character sets to UTF-8 if necessary.
+ * Also fixup img src="cid:..." type inline images to fetch the image
+ *
+ * \param supplied_charset the input charset as declared in the MIME headers
+ */
+void output_html(const char *supplied_charset, int treat_as_wiki, int msgnum, StrBuf *Source, StrBuf *Target) {
char buf[SIZ];
char *msg;
char *ptr;
char *msgstart;
char *msgend;
+ StrBuf *converted_msg;
int buffer_length = 1;
int line_length = 0;
int content_length = 0;
+ char new_window[SIZ];
+ int brak = 0;
+ int alevel = 0;
+ int scriptlevel = 0;
+ int script_start_pos = (-1);
+ int i;
+ int linklen;
+ char charset[128];
+#ifdef HAVE_ICONV
+ iconv_t ic = (iconv_t)(-1) ;
+ char *ibuf; /**< Buffer of characters to be converted */
+ char *obuf; /**< Buffer for converted characters */
+ size_t ibuflen; /**< Length of input buffer */
+ size_t obuflen; /**< Length of output buffer */
+ char *osav; /**< Saved pointer to output buffer */
+#endif
+ if (Target == NULL)
+ Target = WC->WBuf;
+ safestrncpy(charset, supplied_charset, sizeof charset);
msg = strdup("");
+ sprintf(new_window, "<a target=\"%s\" href=", TARGET);
- while (serv_gets(buf), strcmp(buf, "000")) {
+ if (Source == NULL) while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
line_length = strlen(buf);
buffer_length = content_length + line_length + 2;
- msg = realloc(msg, buffer_length);
- if (msg == NULL) {
- wprintf("<B>realloc() error! "
- "couldn't get %d bytes: %s</B><BR><BR>\n",
+ ptr = realloc(msg, buffer_length);
+ if (ptr == NULL) {
+ StrBufAppendPrintf(Target, "<b>");
+ StrBufAppendPrintf(Target, _("realloc() error! couldn't get %d bytes: %s"),
buffer_length + 1,
strerror(errno));
+ StrBufAppendPrintf(Target, "</b><br /><br />\n");
+ while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
+ /** flush */
+ }
+ free(msg);
return;
}
+ msg = ptr;
strcpy(&msg[content_length], buf);
content_length += line_length;
strcpy(&msg[content_length], "\n");
content_length += 1;
}
+ else {
+ content_length = StrLength(Source);
+ free(msg);
+ msg = (char*) ChrPtr(Source);/* TODO: remove cast */
+ buffer_length = content_length;
+ }
- ptr = msg;
+ /** Do a first pass to isolate the message body */
+ ptr = msg + 1;
msgstart = msg;
msgend = &msg[content_length];
while (ptr < msgend) {
- /* Advance to next tag */
+ /** Advance to next tag */
ptr = strchr(ptr, '<');
if ((ptr == NULL) || (ptr >= msgend)) break;
++ptr;
if ((ptr == NULL) || (ptr >= msgend)) break;
- /* Any of these tags cause everything up to and including
+ /**
+ * Look for META tags. Some messages (particularly in
+ * Asian locales) illegally declare a message's character
+ * set in the HTML instead of in the MIME headers. This
+ * is wrong but we have to work around it anyway.
+ */
+ if (!strncasecmp(ptr, "META", 4)) {
+
+ char *meta_start;
+ char *meta_end;
+ int meta_length;
+ char *meta;
+ char *meta_http_equiv;
+ char *meta_content;
+ char *spaceptr;
+
+ meta_start = &ptr[4];
+ meta_end = strchr(ptr, '>');
+ if ((meta_end != NULL) && (meta_end <= msgend)) {
+ meta_length = meta_end - meta_start + 1;
+ meta = malloc(meta_length + 1);
+ safestrncpy(meta, meta_start, meta_length);
+ meta[meta_length] = 0;
+ striplt(meta);
+ if (!strncasecmp(meta, "HTTP-EQUIV=", 11)) {
+ meta_http_equiv = strdup(&meta[11]);
+ spaceptr = strchr(meta_http_equiv, ' ');
+ if (spaceptr != NULL) {
+ *spaceptr = 0;
+ meta_content = strdup(++spaceptr);
+ if (!strncasecmp(meta_content, "content=", 8)) {
+ strcpy(meta_content, &meta_content[8]);
+ stripquotes(meta_http_equiv);
+ stripquotes(meta_content);
+ extract_charset_from_meta(charset,
+ meta_http_equiv, meta_content);
+ }
+ free(meta_content);
+ }
+ free(meta_http_equiv);
+ }
+ free(meta);
+ }
+ }
+
+ /**
+ * Any of these tags cause everything up to and including
* the tag to be removed.
*/
if ( (!strncasecmp(ptr, "HTML", 4))
msgstart = ptr;
}
- /* Any of these tags cause everything including and following
+ /**
+ * Any of these tags cause everything including and following
* the tag to be removed.
*/
if ( (!strncasecmp(ptr, "/HTML", 5))
++ptr;
}
+ if (msgstart > msg) {
+ strcpy(msg, msgstart);
+ }
+
+ /** Now go through the message, parsing tags as necessary. */
+ converted_msg = NewStrBufPlain(NULL, content_length + 8192);
+
+
+ /** Convert foreign character sets to UTF-8 if necessary. */
+#ifdef HAVE_ICONV
+ if ( (strcasecmp(charset, "us-ascii"))
+ && (strcasecmp(charset, "UTF-8"))
+ && (strcasecmp(charset, ""))
+ ) {
+ lprintf(9, "Converting %s to UTF-8\n", charset);
+ ctdl_iconv_open("UTF-8", charset, &ic);
+ if (ic == (iconv_t)(-1) ) {
+ lprintf(5, "%s:%d iconv_open() failed: %s\n",
+ __FILE__, __LINE__, strerror(errno));
+ }
+ }
+ if (Source == NULL) {
+ if (ic != (iconv_t)(-1) ) {
+ ibuf = msg;
+ ibuflen = content_length;
+ obuflen = content_length + (content_length / 2) ;
+ obuf = (char *) malloc(obuflen);
+ osav = obuf;
+ iconv(ic, &ibuf, &ibuflen, &obuf, &obuflen);
+ content_length = content_length + (content_length / 2) - obuflen;
+ osav[content_length] = 0;
+ free(msg);
+ msg = osav;
+ iconv_close(ic);
+ }
+ }
+ else {
+ if (ic != (iconv_t)(-1) ) {
+ StrBuf *Buf = NewStrBufPlain(NULL, StrLength(Source) + 8096);;
+ StrBufConvert(Source, Buf, &ic);
+ FreeStrBuf(&Buf);
+ iconv_close(ic);
+ }
+ }
+
+#endif
+
+ /**
+ * At this point, the message has been stripped down to
+ * only the content inside the <BODY></BODY> tags, and has
+ * been converted to UTF-8 if it was originally in a foreign
+ * character set. The text is also guaranteed to be null
+ * terminated now.
+ */
+
+ if (converted_msg == NULL) {
+ StrBufAppendPrintf(Target, "Error %d: %s<br />%s:%d", errno, strerror(errno), __FILE__, __LINE__);
+ goto BAIL;
+ }
+
+ ptr = msg;
+ msgend = strchr(msg, 0);
+ while (ptr < msgend) {
+
+ /** Try to sanitize the html of any rogue scripts */
+ if (!strncasecmp(ptr, "<script", 7)) {
+ if (scriptlevel == 0) {
+ script_start_pos = StrLength(converted_msg);
+ }
+ ++scriptlevel;
+ }
+ if (!strncasecmp(ptr, "</script", 8)) {
+ --scriptlevel;
+ }
+
+ /**
+ * Change mailto: links to WebCit mail, by replacing the
+ * link with one that points back to our mail room. Due to
+ * the way we parse URL's, it'll even handle mailto: links
+ * that have "?subject=" in them.
+ */
+ if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) {
+ content_length += 64;
+ StrBufAppendPrintf(converted_msg,
+ "<a href=\"display_enter?force_room=_MAIL_&recp=");
+ ptr = &ptr[16];
+ ++alevel;
+ ++brak;
+ }
+ /** Make external links open in a separate window */
+ else if (!strncasecmp(ptr, "<a href=\"", 9)) {
+ ++alevel;
+ ++brak;
+ if ( ((strchr(ptr, ':') < strchr(ptr, '/')))
+ && ((strchr(ptr, '/') < strchr(ptr, '>')))
+ ) {
+ /* open external links to new window */
+ StrBufAppendPrintf(converted_msg, new_window);
+ ptr = &ptr[8];
+ }
+ else if ( (treat_as_wiki) && (strncasecmp(ptr, "<a href=\"wiki?", 14)) ) {
+ content_length += 64;
+ StrBufAppendPrintf(converted_msg, "<a href=\"wiki?page=");
+ ptr = &ptr[9];
+ }
+ else {
+ StrBufAppendPrintf(converted_msg, "<a href=\"");
+ ptr = &ptr[9];
+ }
+ }
+ /** Fixup <img src="cid:... ...> to fetch the mime part */
+ else if (!strncasecmp(ptr, "<img ", 5)) {
+ char* tag_end=strchr(ptr,'>');
+ char* src=strstr(ptr, " src=\"cid:");
+ char *cid_start, *cid_end;
+ ++brak;
+
+ if (src &&
+ (cid_start=strchr(src,':')) &&
+ (cid_end=strchr(cid_start,'"')) &&
+ (cid_end < tag_end)) {
+
+ /* copy tag and attributes up to src="cid: */
+ StrBufAppendBufPlain(converted_msg, ptr, src - ptr, 0);
+ cid_start++;
+
+ /* add in /webcit/mimepart/<msgno>/CID/
+ trailing / stops dumb URL filters getting excited */
+ StrBufAppendPrintf(converted_msg,
+ "src=\"/webcit/mimepart/%d/",msgnum);
+ StrBufAppendBufPlain(converted_msg, cid_start, cid_end - cid_start, 0);
+ StrBufAppendBufPlain(converted_msg, "/\"", -1, 0);
+
+ ptr = cid_end+1;
+ }
+ StrBufAppendBufPlain(converted_msg, ptr, tag_end - ptr, 0);
+ ptr = tag_end;
+ }
+
+ /**
+ * Turn anything that looks like a URL into a real link, as long
+ * as it's not inside a tag already
+ */
+ else if ( (brak == 0) && (alevel == 0)
+ && (!strncasecmp(ptr, "http://", 7))) {
+ /** Find the end of the link */
+ int strlenptr;
+ linklen = 0;
+
+ strlenptr = strlen(ptr);
+ for (i=0; i<=strlenptr; ++i) {
+ if ((ptr[i]==0)
+ ||(isspace(ptr[i]))
+ ||(ptr[i]==10)
+ ||(ptr[i]==13)
+ ||(ptr[i]=='(')
+ ||(ptr[i]==')')
+ ||(ptr[i]=='<')
+ ||(ptr[i]=='>')
+ ||(ptr[i]=='[')
+ ||(ptr[i]==']')
+ ||(ptr[i]=='"')
+ ||(ptr[i]=='\'')
+ ) linklen = i;
+ /* did s.b. send us an entity? */
+ if (ptr[i] == '&') {
+ if ((ptr[i+2] ==';') ||
+ (ptr[i+3] ==';') ||
+ (ptr[i+5] ==';') ||
+ (ptr[i+6] ==';') ||
+ (ptr[i+7] ==';'))
+ linklen = i;
+ }
+ if (linklen > 0) break;
+ }
+ if (linklen > 0) {
+ char *ltreviewptr;
+ char *nbspreviewptr;
+ char linkedchar;
+ int len = linklen;
+
+ len = linklen;
+ linkedchar = ptr[len];
+ ptr[len] = '\0';
+ /* spot for some subject strings tinymce tends to give us. */
+ ltreviewptr = strchr(ptr, '<');
+ if (ltreviewptr != NULL) {
+ *ltreviewptr = '\0';
+ linklen = ltreviewptr - ptr;
+ }
+
+ nbspreviewptr = strstr(ptr, " ");
+ if (nbspreviewptr != NULL) {
+ ///*nbspreviewptr = '\0';
+ linklen = nbspreviewptr - ptr;
+ }
+ if (ltreviewptr != 0)
+ *ltreviewptr = '<';
+
+ ptr[len] = linkedchar;
+
+ content_length += (32 + linklen);
+ StrBufAppendPrintf(converted_msg, "%s\"", new_window);
+ StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
+ StrBufAppendPrintf(converted_msg, "\">");
+ StrBufAppendBufPlain(converted_msg, ptr, linklen, 0);
+ ptr += linklen;
+ StrBufAppendPrintf(converted_msg, "</A>");
+ }
+ }
+ else {
+ StrBufAppendBufPlain(converted_msg, ptr, 1, 0);
+ ptr++;
+ }
+
+ /**
+ * We need to know when we're inside a tag,
+ * so we don't turn things that look like URL's into
+ * links, when they're already links - or image sources.
+ */
+ if (*(ptr-1) == '<') {
+ ++brak;
+ }
+ if (*(ptr-1) == '>') {
+ --brak;
+ if ((scriptlevel == 0) && (script_start_pos >= 0)) {
+ StrBufCutRight(converted_msg, StrLength(converted_msg) - script_start_pos);
+ script_start_pos = (-1);
+ }
+ }
+ if (!strncasecmp(ptr, "</A>", 3)) --alevel;
+ }
- write(WC->http_sock, msgstart, strlen(msgstart));
+ /** uncomment these two lines to override conversion */
+ /** memcpy(converted_msg, msg, content_length); */
+ /** output_length = content_length; */
- /* A little trailing vertical whitespace... */
- wprintf("<BR><BR>\n");
+ /** Output our big pile of markup */
+ StrBufAppendBuf(Target, converted_msg, 0);
- /* Now give back the memory */
- free(msg);
+BAIL: /** A little trailing vertical whitespace... */
+ StrBufAppendPrintf(Target, "<br /><br />\n");
+ /** Now give back the memory */
+ FreeStrBuf(&converted_msg);
+ if ((msg != NULL) && (Source == NULL)) free(msg);
}
+/*@}*/
projects / citadel.git / blobdiff