aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorpracticalswift <practicalswift@users.noreply.github.com>2018-11-01 17:03:32 +0100
committerfanquake <fanquake@gmail.com>2018-11-29 18:34:58 +0800
commit79358817e53ac0a7afa64c747115d492a74e3155 (patch)
tree33d3b3466e6cc288be8719f928b49f90d51b367c
parent9666dbaf09519dfa53ced9b903cc2f4100c58ec2 (diff)
Add SAFE_CHARS[SAFE_CHARS_URI]: Chars allowed in URIs (RFC 3986)
Github-Pull: #14618 Rebased-From: ab8c6f24d28ea1d1e6258cf316b4b97a0baf2377
-rw-r--r--src/httpserver.cpp2
-rw-r--r--src/utilstrencodings.cpp1
-rw-r--r--src/utilstrencodings.h1
3 files changed, 3 insertions, 1 deletions
diff --git a/src/httpserver.cpp b/src/httpserver.cpp
index b3befbe465..2a76d0d46a 100644
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -241,7 +241,7 @@ static void http_request_cb(struct evhttp_request* req, void* arg)
}
LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
- RequestMethodString(hreq->GetRequestMethod()), SanitizeString(hreq->GetURI()).substr(0, 100), hreq->GetPeer().ToString());
+ RequestMethodString(hreq->GetRequestMethod()), SanitizeString(hreq->GetURI(), SAFE_CHARS_URI).substr(0, 100), hreq->GetPeer().ToString());
// Find registered handler for prefix
std::string strURI = hreq->GetURI();
diff --git a/src/utilstrencodings.cpp b/src/utilstrencodings.cpp
index a06d88cb19..3c6e333a62 100644
--- a/src/utilstrencodings.cpp
+++ b/src/utilstrencodings.cpp
@@ -19,6 +19,7 @@ static const std::string SAFE_CHARS[] =
CHARS_ALPHA_NUM + " .,;-_/:?@()", // SAFE_CHARS_DEFAULT
CHARS_ALPHA_NUM + " .,;-_?@", // SAFE_CHARS_UA_COMMENT
CHARS_ALPHA_NUM + ".-_", // SAFE_CHARS_FILENAME
+ CHARS_ALPHA_NUM + "!*'();:@&=+$,/?#[]-_.~%", // SAFE_CHARS_URI
};
std::string SanitizeString(const std::string& str, int rule)
diff --git a/src/utilstrencodings.h b/src/utilstrencodings.h
index 5f2211b5dc..0a06bc3f85 100644
--- a/src/utilstrencodings.h
+++ b/src/utilstrencodings.h
@@ -25,6 +25,7 @@ enum SafeChars
SAFE_CHARS_DEFAULT, //!< The full set of allowed chars
SAFE_CHARS_UA_COMMENT, //!< BIP-0014 subset
SAFE_CHARS_FILENAME, //!< Chars allowed in filenames
+ SAFE_CHARS_URI, //!< Chars allowed in URIs (RFC 3986)
};
/**