Re: [dev] [surf] Bookmarks patch for 0.2

From: Nico Golde <nico_AT_ngolde.de>
Date: Wed, 4 Nov 2009 21:38:25 +0100

Hi,
* Tadeusz So??nierz <tadzikes_AT_gmail.com> [2009-11-02 09:39]:
> On 2-11-2009 02:15:25, Nico Golde wrote:
> > * Tadeusz So??nierz <tadzikes_AT_gmail.com> [2009-10-20 16:36]:
> > [...]
> > > +showbmarks(Client *c, const Arg *arg) {
> > > + /* I wonder if 4 kB is too much or not enough */
> > > + char html[4096] = "";
> > > + /* same here. time will tell */
> > > + char uri[128];
> > > + FILE *f;
> > > + stop(c, NULL);
> > > + f = fopen(bmarksfile, "r");
> > > + while(fscanf(f, "%127s\n", uri) != EOF) {
> > > + snprintf(&html[strlen(html)], sizeof(html) - strlen(html),
> > > + "<a href='%s'>%s</a><br />", uri, uri);
> >
> > You may want to html escape the uri, not?
>
> Well, there are some security reasons, if that's what you mean. But
> my tiny investigation (I mean, entering query string to google
> containing html tags) showed that they become urlencoded by the app
> itself, so it seems safe to me. If there's anything I don't know, please
> let me know.

OK fine. Yes that was what I meant.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Received on Wed Nov 04 2009 - 20:38:25 UTC

This archive was generated by hypermail 2.2.0 : Wed Nov 04 2009 - 20:48:10 UTC