html: double escape literal + in URLs

It's unclear whether this is correct or whether my server is double
decoding.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2018-12-22 02:38:09 +01:00
parent 6a29695be1
commit f37dd0dd3a

4
html.c
View File

@ -17,7 +17,7 @@ static const char* url_escape_table[256] = {
"%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17",
"%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f",
"%20", NULL, "%22", "%23", NULL, "%25", "%26", "%27",
NULL, NULL, NULL, "%2b", NULL, NULL, NULL, NULL,
NULL, NULL, NULL, "%252b", NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, "%3c", "%3d", "%3e", "%3f",
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
@ -200,7 +200,7 @@ void html_url_path(const char *txt)
while (t && *t) {
unsigned char c = *t;
const char *e = url_escape_table[c];
if (e && c != '+' && c != '&') {
if (e && c != '&') {
html_raw(txt, t - txt);
html(e);
txt = t + 1;