5 * \defgroup HTML2HTML Output an HTML message, modifying it slightly to make sure it plays nice
6 * with the rest of our web framework.
7 * \ingroup WebcitHttpServer
12 #include "webserver.h"
16 * \brief Strip surrounding single or double quotes from a string.
18 * \param s String to be stripped.
20 void stripquotes(char *s)
29 if ( ( (s[0] == '\"') && (s[len-1] == '\"') ) || ( (s[0] == '\'') && (s[len-1] == '\'') ) ) {
37 * \brief Check to see if a META tag has overridden the declared MIME character set.
39 * \param charset Character set name (left unchanged if we don't do anything)
40 * \param meta_http_equiv Content of the "http-equiv" portion of the META tag
41 * \param meta_content Content of the "content" portion of the META tag
43 void extract_charset_from_meta(char *charset, char *meta_http_equiv, char *meta_content)
49 if (!meta_http_equiv) return;
50 if (!meta_content) return;
53 if (strcasecmp(meta_http_equiv, "Content-type")) return;
55 ptr = strchr(meta_content, ';');
58 safestrncpy(buf, ++ptr, sizeof buf);
60 if (!strncasecmp(buf, "charset=", 8)) {
61 strcpy(charset, &buf[8]);
64 * The brain-damaged webmail program in Microsoft Exchange declares
65 * a charset of "unicode" when they really mean "UTF-8". GNU iconv
66 * treats "unicode" as an alias for "UTF-16" so we have to manually
67 * fix this here, otherwise messages generated in Exchange webmail
68 * show up as a big pile of weird characters.
70 if (!strcasecmp(charset, "unicode")) {
71 strcpy(charset, "UTF-8");
80 * \brief Sanitize and enhance an HTML message for display.
81 * Also convert weird character sets to UTF-8 if necessary.
83 * \param supplied_charset the input charset as declared in the MIME headers
85 void output_html(char *supplied_charset, int treat_as_wiki) {
92 size_t converted_alloc = 0;
93 int buffer_length = 1;
95 int content_length = 0;
96 int output_length = 0;
101 int script_start_pos = (-1);
106 iconv_t ic = (iconv_t)(-1) ;
107 char *ibuf; /**< Buffer of characters to be converted */
108 char *obuf; /**< Buffer for converted characters */
109 size_t ibuflen; /**< Length of input buffer */
110 size_t obuflen; /**< Length of output buffer */
111 char *osav; /**< Saved pointer to output buffer */
114 safestrncpy(charset, supplied_charset, sizeof charset);
116 sprintf(new_window, "<a target=\"%s\" href=", TARGET);
118 while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
119 line_length = strlen(buf);
120 buffer_length = content_length + line_length + 2;
121 ptr = realloc(msg, buffer_length);
124 wprintf(_("realloc() error! couldn't get %d bytes: %s"),
127 wprintf("</b><br /><br />\n");
128 while (serv_getln(buf, sizeof buf), strcmp(buf, "000")) {
135 strcpy(&msg[content_length], buf);
136 content_length += line_length;
137 strcpy(&msg[content_length], "\n");
141 /** Do a first pass to isolate the message body */
144 msgend = &msg[content_length];
146 while (ptr < msgend) {
148 /** Advance to next tag */
149 ptr = strchr(ptr, '<');
150 if ((ptr == NULL) || (ptr >= msgend)) break;
152 if ((ptr == NULL) || (ptr >= msgend)) break;
155 * Look for META tags. Some messages (particularly in
156 * Asian locales) illegally declare a message's character
157 * set in the HTML instead of in the MIME headers. This
158 * is wrong but we have to work around it anyway.
160 if (!strncasecmp(ptr, "META", 4)) {
166 char *meta_http_equiv;
170 meta_start = &ptr[4];
171 meta_end = strchr(ptr, '>');
172 if ((meta_end != NULL) && (meta_end <= msgend)) {
173 meta_length = meta_end - meta_start + 1;
174 meta = malloc(meta_length + 1);
175 safestrncpy(meta, meta_start, meta_length);
176 meta[meta_length] = 0;
178 if (!strncasecmp(meta, "HTTP-EQUIV=", 11)) {
179 meta_http_equiv = strdup(&meta[11]);
180 spaceptr = strchr(meta_http_equiv, ' ');
181 if (spaceptr != NULL) {
183 meta_content = strdup(++spaceptr);
184 if (!strncasecmp(meta_content, "content=", 8)) {
185 strcpy(meta_content, &meta_content[8]);
186 stripquotes(meta_http_equiv);
187 stripquotes(meta_content);
188 extract_charset_from_meta(charset,
189 meta_http_equiv, meta_content);
193 free(meta_http_equiv);
200 * Any of these tags cause everything up to and including
201 * the tag to be removed.
203 if ( (!strncasecmp(ptr, "HTML", 4))
204 ||(!strncasecmp(ptr, "HEAD", 4))
205 ||(!strncasecmp(ptr, "/HEAD", 5))
206 ||(!strncasecmp(ptr, "BODY", 4)) ) {
207 ptr = strchr(ptr, '>');
208 if ((ptr == NULL) || (ptr >= msgend)) break;
210 if ((ptr == NULL) || (ptr >= msgend)) break;
215 * Any of these tags cause everything including and following
216 * the tag to be removed.
218 if ( (!strncasecmp(ptr, "/HTML", 5))
219 ||(!strncasecmp(ptr, "/BODY", 5)) ) {
228 if (msgstart > msg) {
229 strcpy(msg, msgstart);
232 /** Convert foreign character sets to UTF-8 if necessary. */
234 if ( (strcasecmp(charset, "us-ascii"))
235 && (strcasecmp(charset, "UTF-8"))
236 && (strcasecmp(charset, ""))
238 lprintf(9, "Converting %s to UTF-8\n", charset);
239 ic = ctdl_iconv_open("UTF-8", charset);
240 if (ic == (iconv_t)(-1) ) {
241 lprintf(5, "%s:%d iconv_open() failed: %s\n",
242 __FILE__, __LINE__, strerror(errno));
245 if (ic != (iconv_t)(-1) ) {
247 ibuflen = content_length;
248 obuflen = content_length + (content_length / 2) ;
249 obuf = (char *) malloc(obuflen);
251 iconv(ic, &ibuf, &ibuflen, &obuf, &obuflen);
252 content_length = content_length + (content_length / 2) - obuflen;
253 osav[content_length] = 0;
261 * At this point, the message has been stripped down to
262 * only the content inside the <BODY></BODY> tags, and has
263 * been converted to UTF-8 if it was originally in a foreign
264 * character set. The text is also guaranteed to be null
268 /** Now go through the message, parsing tags as necessary. */
269 converted_alloc = content_length + 8192;
270 converted_msg = malloc(converted_alloc);
271 if (converted_msg == NULL) {
272 wprintf("Error %d: %s<br />%s:%s", errno, strerror(errno), __FILE__, __LINE__);
276 strcpy(converted_msg, "");
278 msgend = strchr(msg, 0);
279 while (ptr < msgend) {
281 /** Try to sanitize the html of any rogue scripts */
282 if (!strncasecmp(ptr, "<script", 7)) {
283 if (scriptlevel == 0) {
284 script_start_pos = output_length;
288 if (!strncasecmp(ptr, "</script", 8)) {
293 * Change mailto: links to WebCit mail, by replacing the
294 * link with one that points back to our mail room. Due to
295 * the way we parse URL's, it'll even handle mailto: links
296 * that have "?subject=" in them.
298 if (!strncasecmp(ptr, "<a href=\"mailto:", 16)) {
299 content_length += 64;
300 if (content_length >= converted_alloc) {
301 converted_alloc += 8192;
302 converted_msg = realloc(converted_msg, converted_alloc);
303 if (converted_msg == NULL) {
307 sprintf(&converted_msg[output_length],
308 "<a href=\"display_enter?force_room=_MAIL_&recp=");
314 /** Make external links open in a separate window */
315 else if (!strncasecmp(ptr, "<a href=\"", 9)) {
318 if ( ((strchr(ptr, ':') < strchr(ptr, '/')))
319 && ((strchr(ptr, '/') < strchr(ptr, '>')))
321 /* open external links to new window */
322 content_length += 64;
323 if (content_length >= converted_alloc) {
324 converted_alloc += 8192;
325 converted_msg = realloc(converted_msg, converted_alloc);
326 if (converted_msg == NULL) {
330 sprintf(&converted_msg[output_length], new_window);
331 output_length += strlen(new_window);
334 else if ( (treat_as_wiki) && (strncasecmp(ptr, "<a href=\"wiki?", 14)) ) {
335 content_length += 64;
336 if (content_length >= converted_alloc) {
337 converted_alloc += 8192;
338 converted_msg = realloc(converted_msg, converted_alloc);
339 if (converted_msg == NULL) {
343 sprintf(&converted_msg[output_length], "<a href=\"wiki?page=");
348 sprintf(&converted_msg[output_length], "<a href=\"");
355 * Turn anything that looks like a URL into a real link, as long
356 * as it's not inside a tag already
358 else if ( (brak == 0) && (alevel == 0)
359 && (!strncasecmp(ptr, "http://", 7))) {
360 /** Find the end of the link */
363 strlenptr = strlen(ptr);
364 for (i=0; i<=strlenptr; ++i) {
376 if (linklen > 0) break;
379 content_length += (32 + linklen);
380 if (content_length >= converted_alloc) {
381 converted_alloc += 8192;
382 converted_msg = realloc(converted_msg, converted_alloc);
383 if (converted_msg == NULL) {
387 sprintf(&converted_msg[output_length], new_window);
388 output_length += strlen(new_window);
389 converted_msg[output_length] = '\"';
390 converted_msg[++output_length] = 0;
391 for (i=0; i<linklen; ++i) {
392 converted_msg[output_length] = ptr[i];
393 converted_msg[++output_length] = 0;
395 sprintf(&converted_msg[output_length], "\">");
397 for (i=0; i<linklen; ++i) {
398 converted_msg[output_length] = *ptr++;
399 converted_msg[++output_length] = 0;
401 sprintf(&converted_msg[output_length], "</A>");
406 converted_msg[output_length] = *ptr++;
407 converted_msg[++output_length] = 0;
411 * We need to know when we're inside a tag,
412 * so we don't turn things that look like URL's into
413 * links, when they're already links - or image sources.
415 if (*(ptr-1) == '<') {
418 if (*(ptr-1) == '>') {
420 if ((scriptlevel == 0) && (script_start_pos >= 0)) {
421 output_length = script_start_pos;
422 converted_msg[output_length] = 0;
423 script_start_pos = (-1);
426 if (!strncasecmp(ptr, "</A>", 3)) --alevel;
429 /** uncomment these two lines to override conversion */
430 /** memcpy(converted_msg, msg, content_length); */
431 /** output_length = content_length; */
433 /** Output our big pile of markup */
434 client_write(converted_msg, output_length);
436 BAIL: /** A little trailing vertical whitespace... */
437 wprintf("<br /><br />\n");
439 /** Now give back the memory */
440 if (converted_msg != NULL) free(converted_msg);
441 if (msg != NULL) free(msg);