aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorpracticalswift <practicalswift@users.noreply.github.com>2018-11-01 17:03:32 +0100
committerpracticalswift <practicalswift@users.noreply.github.com>2018-11-05 13:27:04 +0100
commitab8c6f24d28ea1d1e6258cf316b4b97a0baf2377 (patch)
tree7fa4264d592abc9f2831f0e3d2e8746d371375be
parent991248649b76a5a071e1360a700f3e2ecf3e1e1f (diff)
Add SAFE_CHARS[SAFE_CHARS_URI]: Chars allowed in URIs (RFC 3986)
-rw-r--r--src/httpserver.cpp2
-rw-r--r--src/util/strencodings.cpp1
-rw-r--r--src/util/strencodings.h1
3 files changed, 3 insertions, 1 deletions
diff --git a/src/httpserver.cpp b/src/httpserver.cpp
index b327af3f19..91ebc4680c 100644
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -241,7 +241,7 @@ static void http_request_cb(struct evhttp_request* req, void* arg)
}
LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
- RequestMethodString(hreq->GetRequestMethod()), SanitizeString(hreq->GetURI()).substr(0, 100), hreq->GetPeer().ToString());
+ RequestMethodString(hreq->GetRequestMethod()), SanitizeString(hreq->GetURI(), SAFE_CHARS_URI).substr(0, 100), hreq->GetPeer().ToString());
// Find registered handler for prefix
std::string strURI = hreq->GetURI();
diff --git a/src/util/strencodings.cpp b/src/util/strencodings.cpp
index 5b8520030b..2a2df43337 100644
--- a/src/util/strencodings.cpp
+++ b/src/util/strencodings.cpp
@@ -20,6 +20,7 @@ static const std::string SAFE_CHARS[] =
CHARS_ALPHA_NUM + " .,;-_/:?@()", // SAFE_CHARS_DEFAULT
CHARS_ALPHA_NUM + " .,;-_?@", // SAFE_CHARS_UA_COMMENT
CHARS_ALPHA_NUM + ".-_", // SAFE_CHARS_FILENAME
+ CHARS_ALPHA_NUM + "!*'();:@&=+$,/?#[]-_.~%", // SAFE_CHARS_URI
};
std::string SanitizeString(const std::string& str, int rule)
diff --git a/src/util/strencodings.h b/src/util/strencodings.h
index 132071c61e..87ccf40a1b 100644
--- a/src/util/strencodings.h
+++ b/src/util/strencodings.h
@@ -25,6 +25,7 @@ enum SafeChars
SAFE_CHARS_DEFAULT, //!< The full set of allowed chars
SAFE_CHARS_UA_COMMENT, //!< BIP-0014 subset
SAFE_CHARS_FILENAME, //!< Chars allowed in filenames
+ SAFE_CHARS_URI, //!< Chars allowed in URIs (RFC 3986)
};
/**