mirror of
https://github.com/oliverschmidt/contiki.git
synced 2024-12-21 19:29:18 +00:00
Merge pull request #2244 from contiki-os/revert-2213-mqtt-html-sanitize
Revert "Validate MQTT broker IP and escape quotes when displaying"
This commit is contained in:
commit
6e3387c830
@ -137,10 +137,6 @@ PROCESS(httpd_simple_process, "CC26XX Web Server");
|
|||||||
#define REQUEST_TYPE_GET 1
|
#define REQUEST_TYPE_GET 1
|
||||||
#define REQUEST_TYPE_POST 2
|
#define REQUEST_TYPE_POST 2
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
/* Temporary buffer for holding escaped HTML used by html_escape_quotes */
|
|
||||||
#define HTML_ESCAPED_BUFFER_SIZE 128
|
|
||||||
static char html_escaped_buf[HTML_ESCAPED_BUFFER_SIZE];
|
|
||||||
/*---------------------------------------------------------------------------*/
|
|
||||||
static const char *NOT_FOUND = "<html><body bgcolor=\"white\">"
|
static const char *NOT_FOUND = "<html><body bgcolor=\"white\">"
|
||||||
"<center>"
|
"<center>"
|
||||||
"<h1>404 - file not found</h1>"
|
"<h1>404 - file not found</h1>"
|
||||||
@ -309,30 +305,6 @@ url_unescape(const char *src, size_t srclen, char *dst, size_t dstlen)
|
|||||||
return i == srclen;
|
return i == srclen;
|
||||||
}
|
}
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
static char*
|
|
||||||
html_escape_quotes(const char *src)
|
|
||||||
{
|
|
||||||
memset(html_escaped_buf, 0, HTML_ESCAPED_BUFFER_SIZE);
|
|
||||||
size_t dstpos = 0;
|
|
||||||
for(size_t i = 0; i < HTML_ESCAPED_BUFFER_SIZE; i++) {
|
|
||||||
if(src[i] == '\0') {
|
|
||||||
break;
|
|
||||||
} else if(src[i] == '"') {
|
|
||||||
if(dstpos + 6 > HTML_ESCAPED_BUFFER_SIZE) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
strcpy(&html_escaped_buf[dstpos], """);
|
|
||||||
dstpos += 6;
|
|
||||||
} else {
|
|
||||||
html_escaped_buf[dstpos++] = src[i];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
html_escaped_buf[HTML_ESCAPED_BUFFER_SIZE - 1] = '\0';
|
|
||||||
return html_escaped_buf;
|
|
||||||
}
|
|
||||||
/*---------------------------------------------------------------------------*/
|
|
||||||
void
|
void
|
||||||
httpd_simple_register_post_handler(httpd_simple_post_handler_t *h)
|
httpd_simple_register_post_handler(httpd_simple_post_handler_t *h)
|
||||||
{
|
{
|
||||||
@ -703,8 +675,7 @@ PT_THREAD(generate_mqtt_config(struct httpd_state *s))
|
|||||||
config_div_right));
|
config_div_right));
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "value=\"%s\" ",
|
enqueue_chunk(s, 0, "value=\"%s\" ",
|
||||||
html_escape_quotes(
|
cc26xx_web_demo_config.mqtt_config.type_id));
|
||||||
cc26xx_web_demo_config.mqtt_config.type_id)));
|
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "name=\"type_id\">%s", config_div_close));
|
enqueue_chunk(s, 0, "name=\"type_id\">%s", config_div_close));
|
||||||
|
|
||||||
@ -716,8 +687,7 @@ PT_THREAD(generate_mqtt_config(struct httpd_state *s))
|
|||||||
config_div_right));
|
config_div_right));
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "value=\"%s\" ",
|
enqueue_chunk(s, 0, "value=\"%s\" ",
|
||||||
html_escape_quotes(
|
cc26xx_web_demo_config.mqtt_config.org_id));
|
||||||
cc26xx_web_demo_config.mqtt_config.org_id)));
|
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "name=\"org_id\">%s", config_div_close));
|
enqueue_chunk(s, 0, "name=\"org_id\">%s", config_div_close));
|
||||||
|
|
||||||
@ -741,8 +711,7 @@ PT_THREAD(generate_mqtt_config(struct httpd_state *s))
|
|||||||
config_div_right));
|
config_div_right));
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "value=\"%s\" ",
|
enqueue_chunk(s, 0, "value=\"%s\" ",
|
||||||
html_escape_quotes(
|
cc26xx_web_demo_config.mqtt_config.cmd_type));
|
||||||
cc26xx_web_demo_config.mqtt_config.cmd_type)));
|
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "name=\"cmd_type\">%s",
|
enqueue_chunk(s, 0, "name=\"cmd_type\">%s",
|
||||||
config_div_close));
|
config_div_close));
|
||||||
@ -755,8 +724,7 @@ PT_THREAD(generate_mqtt_config(struct httpd_state *s))
|
|||||||
config_div_right));
|
config_div_right));
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "value=\"%s\" ",
|
enqueue_chunk(s, 0, "value=\"%s\" ",
|
||||||
html_escape_quotes(
|
cc26xx_web_demo_config.mqtt_config.event_type_id));
|
||||||
cc26xx_web_demo_config.mqtt_config.event_type_id)));
|
|
||||||
PT_WAIT_THREAD(&s->generate_pt,
|
PT_WAIT_THREAD(&s->generate_pt,
|
||||||
enqueue_chunk(s, 0, "name=\"event_type_id\">%s",
|
enqueue_chunk(s, 0, "name=\"event_type_id\">%s",
|
||||||
config_div_close));
|
config_div_close));
|
||||||
|
@ -64,9 +64,6 @@
|
|||||||
*/
|
*/
|
||||||
static const char *broker_ip = "0064:ff9b:0000:0000:0000:0000:b8ac:7cbd";
|
static const char *broker_ip = "0064:ff9b:0000:0000:0000:0000:b8ac:7cbd";
|
||||||
/*---------------------------------------------------------------------------*/
|
/*---------------------------------------------------------------------------*/
|
||||||
#define ADDRESS_CONVERSION_OK 1
|
|
||||||
#define ADDRESS_CONVERSION_ERROR 0
|
|
||||||
/*---------------------------------------------------------------------------*/
|
|
||||||
/*
|
/*
|
||||||
* A timeout used when waiting for something to happen (e.g. to connect or to
|
* A timeout used when waiting for something to happen (e.g. to connect or to
|
||||||
* disconnect)
|
* disconnect)
|
||||||
@ -359,14 +356,7 @@ ip_addr_post_handler(char *key, int key_len, char *val, int val_len)
|
|||||||
return HTTPD_SIMPLE_POST_HANDLER_UNKNOWN;
|
return HTTPD_SIMPLE_POST_HANDLER_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
if(val_len > MQTT_CLIENT_CONFIG_IP_ADDR_STR_LEN) {
|
||||||
* uiplib_ip6addrconv will immediately start writing into the supplied buffer
|
|
||||||
* even if it subsequently fails. Thus, pass an intermediate buffer
|
|
||||||
*/
|
|
||||||
uip_ip6addr_t tmp_addr;
|
|
||||||
|
|
||||||
if(val_len > MQTT_CLIENT_CONFIG_IP_ADDR_STR_LEN
|
|
||||||
|| uiplib_ip6addrconv(val, &tmp_addr) != ADDRESS_CONVERSION_OK) {
|
|
||||||
/* Ours but bad value */
|
/* Ours but bad value */
|
||||||
rv = HTTPD_SIMPLE_POST_HANDLER_ERROR;
|
rv = HTTPD_SIMPLE_POST_HANDLER_ERROR;
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
Reference in New Issue
Block a user