Browse code

lib/kcore: make escape_param() conform to RFC3261

Camille Oudot authored on 06/11/2013 15:28:44
Showing 1 changed files
... ...
@@ -312,7 +312,11 @@ int unescape_param(str *sin, str *sout)
312 312
 
313 313
 /*! \brief
314 314
  * Escape all printable characters that are not valid in
315
- * a param part of request uri: = | ; | , |   | " | ? | &
315
+ * a param part of request uri
316
+ * no_need_to_escape = unreserved | param-unreserved
317
+ * unreserved = alphanum | mark
318
+ * mark = - | _ | . | ! | ~ | * | ' | ( | )
319
+ * param-unreserved = [ | ] | / | : | & | + | $
316 320
  */
317 321
 int escape_param(str *sin, str *sout)
318 322
 {
... ...
@@ -329,33 +333,47 @@ int escape_param(str *sin, str *sout)
329 333
         if (*p < 32 || *p > 126) {
330 334
             LM_ERR("invalid escaped character <%u>\n", (unsigned int)*p);
331 335
             return -1;
332
-        }
333
-        switch (*p) {
334
-        case ' ':
335
-        case '?':
336
-        case '&':
337
-        case '=':
338
-        case ',':
339
-        case ';':
340
-        case '"':
341
-        case '+':
342
-            *at++ = '%';
343
-            x = (*p) >> 4;
344
-            if (x < 10)
345
-            {
346
-                *at++ = x + '0';
347
-            } else {
348
-                *at++ = x - 10 + 'a';
349
-            }
350
-            x = (*p) & 0x0f;
351
-            if (x < 10) {
352
-                *at = x + '0';
353
-            } else {
354
-                *at = x - 10 + 'a';
355
-            }
356
-            break;
357
-        default:
336
+        } else if (isdigit((int)*p) || ((*p >= 'A') && (*p <= 'Z')) ||
337
+                ((*p >= 'a') && (*p <= 'z'))) {
358 338
             *at = *p;
339
+        } else {
340
+            switch (*p) {
341
+                case '-':
342
+                case '_':
343
+                case '.':
344
+                case '!':
345
+                case '~':
346
+                case '*':
347
+                case '\'':
348
+                case '(':
349
+                case ')':
350
+                case '[':
351
+                case ']':
352
+                case '/':
353
+                case ':':
354
+                case '&':
355
+                case '+':
356
+                case '$':
357
+                    *at = *p;
358
+                    break;
359
+                default:
360
+
361
+                    *at++ = '%';
362
+                    x = (*p) >> 4;
363
+                    if (x < 10)
364
+                    {
365
+                        *at++ = x + '0';
366
+                    } else {
367
+                        *at++ = x - 10 + 'a';
368
+                    }
369
+                    x = (*p) & 0x0f;
370
+                    if (x < 10) {
371
+                        *at = x + '0';
372
+                    } else {
373
+                        *at = x - 10 + 'a';
374
+                    }
375
+                    break;
376
+            }
359 377
         }
360 378
         at++;
361 379
         p++;