Escape functions
[Apache Portability Runtime library]

Defines

#define APR_ESCAPE_STRING   (-1)

Functions

apr_status_t apr_escape_shell (char *escaped, const char *str, apr_ssize_t slen, apr_size_t *len)
const char * apr_pescape_shell (apr_pool_t *p, const char *str)
apr_status_t apr_unescape_url (char *escaped, const char *url, apr_ssize_t slen, const char *forbid, const char *reserved, int plus, apr_size_t *len)
const char * apr_punescape_url (apr_pool_t *p, const char *url, const char *forbid, const char *reserved, int plus)
apr_status_t apr_escape_path_segment (char *escaped, const char *str, apr_ssize_t slen, apr_size_t *len)
const char * apr_pescape_path_segment (apr_pool_t *p, const char *str)
apr_status_t apr_escape_path (char *escaped, const char *path, apr_ssize_t slen, int partial, apr_size_t *len)
const char * apr_pescape_path (apr_pool_t *p, const char *str, int partial)
apr_status_t apr_escape_urlencoded (char *escaped, const char *str, apr_ssize_t slen, apr_size_t *len)
const char * apr_pescape_urlencoded (apr_pool_t *p, const char *str)
apr_status_t apr_escape_entity (char *escaped, const char *str, apr_ssize_t slen, int toasc, apr_size_t *len)
const char * apr_pescape_entity (apr_pool_t *p, const char *str, int toasc)
apr_status_t apr_unescape_entity (char *unescaped, const char *str, apr_ssize_t slen, apr_size_t *len)
const char * apr_punescape_entity (apr_pool_t *p, const char *str)
apr_status_t apr_escape_echo (char *escaped, const char *str, apr_ssize_t slen, int quote, apr_size_t *len)
const char * apr_pescape_echo (apr_pool_t *p, const char *str, int quote)
apr_status_t apr_escape_hex (char *dest, const void *src, apr_size_t srclen, int colon, apr_size_t *len)
const char * apr_pescape_hex (apr_pool_t *p, const void *src, apr_size_t slen, int colon)
apr_status_t apr_unescape_hex (void *dest, const char *str, apr_ssize_t slen, int colon, apr_size_t *len)
const void * apr_punescape_hex (apr_pool_t *p, const char *str, int colon, apr_size_t *len)

Define Documentation

#define APR_ESCAPE_STRING   (-1)

When passing a string to one of the escape functions, this value can be passed to indicate a string-valued key, and have the length computed automatically.

Function Documentation

apr_status_t apr_escape_echo ( char *  escaped,
const char *  str,
apr_ssize_t  slen,
int  quote,
apr_size_t *  len 
)

Escape control characters in a string, as performed by the shell's 'echo' command. Characters are replaced as follows: \a alert (bell), \b backspace, \f form feed, \n new line, \r carriage return, \t horizontal tab, \v vertical tab, \ backslash.

Any non ascii character will be encoded as '\xHH', where HH is the hex code of the character.

If quote is not zero, the double quote character will also be escaped.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
quote If non zero, encode double quotes
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or the string was NULL
apr_status_t apr_escape_entity ( char *  escaped,
const char *  str,
apr_ssize_t  slen,
int  toasc,
apr_size_t *  len 
)

Apply entity encoding to a string. Characters are replaced as follows: '<' becomes '<', '>' becomes '>', '&' becomes '&', the double quote becomes '" and the single quote becomes '''.

If toasc is not zero, any non ascii character will be encoded as '%#ddd;', where ddd is the decimal code of the character.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
toasc If non zero, encode non ascii characters
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or the string was NULL
apr_status_t apr_escape_hex ( char *  dest,
const void *  src,
apr_size_t  srclen,
int  colon,
apr_size_t *  len 
)

Convert binary data to a hex encoding.

Parameters:
dest The destination buffer, can be NULL
src The original buffer
srclen The length of the original buffer
colon If not zero, insert colon characters between hex digits.
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if the string was NULL
apr_status_t apr_escape_path ( char *  escaped,
const char *  path,
apr_ssize_t  slen,
int  partial,
apr_size_t *  len 
)

Converts an OS path to a URL, in an OS dependent way, as defined in RFC1808. In all cases if a ':' occurs before the first '/' in the URL, the URL should be prefixed with "./" (or the ':' escaped). In the case of Unix, this means leaving '/' alone, but otherwise doing what escape_path_segment() does. For efficiency reasons, we don't use escape_path_segment(), which is provided for reference. Again, RFC 1808 is where this stuff is defined.

If partial is set, os_escape_path() assumes that the path will be appended to something with a '/' in it (and thus does not prefix "./").

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
path The original string
slen The length of the original string, or APR_ESCAPE_STRING
partial If non zero, suppresses the prepending of "./"
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or if the string was NULL
apr_status_t apr_escape_path_segment ( char *  escaped,
const char *  str,
apr_ssize_t  slen,
apr_size_t *  len 
)

Escape a path segment, as defined in RFC1808.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or the string was NULL
apr_status_t apr_escape_shell ( char *  escaped,
const char *  str,
apr_ssize_t  slen,
apr_size_t *  len 
)

Perform shell escaping on the provided string.

Shell escaping causes characters to be prefixed with a '\' character.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or the string was NULL
apr_status_t apr_escape_urlencoded ( char *  escaped,
const char *  str,
apr_ssize_t  slen,
apr_size_t *  len 
)

Urlencode a string, as defined in http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or if the stirng was NULL
const char* apr_pescape_echo ( apr_pool_t p,
const char *  str,
int  quote 
)

Escape control characters in a string, as performed by the shell's 'echo' command, and return the results from a pool. Characters are replaced as follows: \a alert (bell), \b backspace, \f form feed, \n new line, \r carriage return, \t horizontal tab, \v vertical tab, \ backslash.

Any non ascii character will be encoded as '\xHH', where HH is the hex code of the character.

If quote is not zero, the double quote character will also be escaped.

Parameters:
p Pool to allocate from
str The original string
quote If non zero, encode double quotes
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or the string is NULL.
const char* apr_pescape_entity ( apr_pool_t p,
const char *  str,
int  toasc 
)

Apply entity encoding to a string, returning the result from a pool. Characters are replaced as follows: '<' becomes '<', '>' becomes '>', '&' becomes '&', the double quote becomes '" and the single quote becomes '''.

Parameters:
p Pool to allocate from
str The original string
toasc If non zero, encode non ascii characters
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or the string is NULL.
const char* apr_pescape_hex ( apr_pool_t p,
const void *  src,
apr_size_t  slen,
int  colon 
)

Convert binary data to a hex encoding, and return the results from a pool.

Parameters:
p Pool to allocate from
src The original buffer
slen The length of the original buffer
colon If not zero, insert colon characters between hex digits.
Returns:
A zero padded buffer allocated from the pool on success, or NULL if src was NULL.
const char* apr_pescape_path ( apr_pool_t p,
const char *  str,
int  partial 
)

Converts an OS path to a URL, in an OS dependent way, as defined in RFC1808, returning the result from a pool.

In all cases if a ':' occurs before the first '/' in the URL, the URL should be prefixed with "./" (or the ':' escaped). In the case of Unix, this means leaving '/' alone, but otherwise doing what escape_path_segment() does. For efficiency reasons, we don't use escape_path_segment(), which is provided for reference. Again, RFC 1808 is where this stuff is defined.

If partial is set, os_escape_path() assumes that the path will be appended to something with a '/' in it (and thus does not prefix "./").

Parameters:
p Pool to allocate from
str The original string
partial If non zero, suppresses the prepending of "./"
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or if the string was NULL.
const char* apr_pescape_path_segment ( apr_pool_t p,
const char *  str 
)

Escape a path segment, as defined in RFC1808, returning the result from a pool.

Parameters:
p Pool to allocate from
str String to be escaped
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or the string is NULL.
const char* apr_pescape_shell ( apr_pool_t p,
const char *  str 
)

Perform shell escaping on the provided string, returning the result from the pool.

Shell escaping causes characters to be prefixed with a '\' character.

If no characters were escaped, the original string is returned.

Parameters:
p Pool to allocate from
str The original string
Returns:
the encoded string, allocated from the pool, or the original string if no escaping took place or the string was NULL.
const char* apr_pescape_urlencoded ( apr_pool_t p,
const char *  str 
)

Urlencode a string, as defined in http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1, returning the result from a pool.

Parameters:
p Pool to allocate from
str String to be escaped
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or if the string was NULL.
const char* apr_punescape_entity ( apr_pool_t p,
const char *  str 
)

Decodes html entities or numeric character references in a string. If the string to be unescaped is syntactically incorrect, then the following fixups will be made: unknown entities will be left undecoded; references to unused numeric characters will be deleted. In particular, &#00; will not be decoded, but will be deleted.

Parameters:
p Pool to allocate from
str The original string
Returns:
A string allocated from the pool on success, the original string if no characters are encoded or the string is NULL.
const void* apr_punescape_hex ( apr_pool_t p,
const char *  str,
int  colon,
apr_size_t *  len 
)

Convert hex encoding to binary data, and return the results from a pool. If the colon character appears between pairs of hex digits, it will be ignored.

Parameters:
p Pool to allocate from
str The original string
colon If not zero, ignore colon characters between hex digits.
len If present, returns the length of the final buffer
Returns:
A buffer allocated from the pool on success, or NULL if src was NULL, or a bad character was present.
const char* apr_punescape_url ( apr_pool_t p,
const char *  url,
const char *  forbid,
const char *  reserved,
int  plus 
)

Unescapes a URL, leaving reserved characters intact, returning the result from a pool.

Parameters:
p Pool to allocate from
url String to be unescaped in place
forbid Optional list of forbidden characters, in addition to 0x00
reserved Optional list of reserved characters that will be left unescaped
plus If non zero, '+' is converted to ' ' as per application/x-www-form-urlencoded encoding
Returns:
A string allocated from the pool on success, the original string if no characters are decoded, or NULL if a bad escape sequence is found or if a character on the forbid list is found, or if the original string was NULL.
apr_status_t apr_unescape_entity ( char *  unescaped,
const char *  str,
apr_ssize_t  slen,
apr_size_t *  len 
)

Decodes html entities or numeric character references in a string. If the string to be unescaped is syntactically incorrect, then the following fixups will be made: unknown entities will be left undecoded; references to unused numeric characters will be deleted. In particular, &#00; will not be decoded, but will be deleted.

Parameters:
unescaped Optional buffer to write the encoded string, can be NULL
str The original string
slen The length of the original string, or APR_ESCAPE_STRING
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if no changes to the string were detected or the string was NULL
apr_status_t apr_unescape_hex ( void *  dest,
const char *  str,
apr_ssize_t  slen,
int  colon,
apr_size_t *  len 
)

Convert hex encoded string to binary data.

Parameters:
dest The destination buffer, can be NULL
str The original buffer
slen The length of the original buffer
colon If not zero, ignore colon characters between hex digits.
len If present, returns the length of the string
Returns:
APR_SUCCESS, or APR_NOTFOUND if the string was NULL, or APR_BADCH if a non hex character is present.
apr_status_t apr_unescape_url ( char *  escaped,
const char *  url,
apr_ssize_t  slen,
const char *  forbid,
const char *  reserved,
int  plus,
apr_size_t *  len 
)

Unescapes a URL, leaving reserved characters intact.

Parameters:
escaped Optional buffer to write the encoded string, can be NULL
url String to be unescaped
slen The length of the original url, or APR_ESCAPE_STRING
forbid Optional list of forbidden characters, in addition to 0x00
reserved Optional list of reserved characters that will be left unescaped
plus If non zero, '+' is converted to ' ' as per application/x-www-form-urlencoded encoding
len If set, the length of the escaped string will be returned
Returns:
APR_SUCCESS on success, APR_NOTFOUND if no characters are decoded or the string is NULL, APR_EINVAL if a bad escape sequence is found, APR_BADCH if a character on the forbid list is found.
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Defines
Generated on 19 Jun 2014 for Apache Portable Runtime by  doxygen 1.6.1