Author: toad
Date: 2009-01-06 17:20:44 +0000 (Tue, 06 Jan 2009)
New Revision: 24927
Modified:
trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
Log:
Comments, explain why single quotes in a URI are not a big problem here.
Modified: trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
2009-01-06 17:10:27 UTC (rev 24926)
+++ trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
2009-01-06 17:20:44 UTC (rev 24927)
@@ -245,6 +245,7 @@
}
break;
case INTAGQUOTES :
+ // Inside
double-quotes, single quotes are just another character, perfectly legal in a
URL.
if (c == '"') {
mode = INTAG;
b.append(c); //
Part of the element
@@ -310,6 +311,9 @@
b.append(c);
} else if (c == '\'') {
// e.g. <div
align = 'center'> (avian)
+ // This will be
converted automatically to double quotes \"
+ // Note that
SINGLE QUOTES ARE LEGAL IN URLS ...
+ // If we have
single quotes inside single quotes, we could get into a major mess here... but
that's really malformed code, and it will still be safe, it will just be
unreadable.
mode =
INTAGSQUOTES;
b.append(c);
} else if (c == '>') {
_______________________________________________
cvs mailing list
[email protected]
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs
