[mythtv-commits] Ticket #5435: Incorrect Escaping of '&' in UPNP Requests
MythTV
mythtv at cvs.mythtv.org
Tue Nov 18 02:11:26 UTC 2008
#5435: Incorrect Escaping of '&' in UPNP Requests
-----------------------------------+----------------------------------------
Reporter: jeff at the-seiferts.com | Owner: nigel
Type: patch | Status: assigned
Priority: minor | Milestone: unknown
Component: upnp | Version: head
Severity: medium | Resolution:
Mlocked: 0 |
-----------------------------------+----------------------------------------
Comment(by nigel):
It wasn't a side-effect, the RegExp in the patch just doesn't work, but
the clients sometimes cache old data so it wasn't happening all the time.
Here is the test program I used to experiment:
{{{
#include <QApplication>
#include <QRegExp>
#include <QString>
int main(int argc, char *argv[])
{
QApplication a(argc, argv);
QString data = "blah, blah & blah\n"
"Nigel's\n"
"Error&Error\n"
"Don't wrap. ";
QRegExp entities("^(quot|amp|apos|lt|gt|nbsp"
"|#\\d\\d\\d\\d|#x[0-F][0-F][0-F][0-F]|);");
qWarning("\tString...");
qWarning(qPrintable(data));
int pos = data.indexOf('&');
while (pos >= 0)
{
QString afterAmp = data.mid(++pos);
if (data.mid(++pos).contains(entities))
{
qWarning("ENTITY contained in ");
qWarning(qPrintable(afterAmp))
}
else
data.insert(pos, "amp;");
pos = data.indexOf('&', pos); // Find next &
}
qWarning("\tbecomes..");
qWarning(qPrintable(data));
}
}}}
--
Ticket URL: <http://svn.mythtv.org/trac/ticket/5435#comment:6>
MythTV <http://www.mythtv.org/>
MythTV
More information about the mythtv-commits
mailing list