aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/uri.c30
-rw-r--r--src/uri.h12
2 files changed, 42 insertions, 0 deletions
diff --git a/src/uri.c b/src/uri.c
index 41a613de7..3e622de3b 100644
--- a/src/uri.c
+++ b/src/uri.c
@@ -22,6 +22,7 @@
#include <glib.h>
+#include <assert.h>
#include <string.h>
bool uri_has_scheme(const char *uri)
@@ -45,6 +46,35 @@ uri_get_suffix(const char *uri)
return suffix;
}
+static const char *
+verify_uri_segment(const char *p)
+{
+ const char *q;
+
+ if (*p == 0 || *p == '/' || *p == '.')
+ return NULL;
+
+ q = strchr(p + 1, '/');
+ return q != NULL ? q : "";
+}
+
+bool
+uri_safe_local(const char *uri)
+{
+ while (true) {
+ uri = verify_uri_segment(uri);
+ if (uri == NULL)
+ return false;
+
+ if (*uri == 0)
+ return true;
+
+ assert(*uri == '/');
+
+ ++uri;
+ }
+}
+
char *
uri_remove_auth(const char *uri)
{
diff --git a/src/uri.h b/src/uri.h
index 46d36308b..857080f84 100644
--- a/src/uri.h
+++ b/src/uri.h
@@ -36,6 +36,18 @@ const char *
uri_get_suffix(const char *uri);
/**
+ * Returns true if this is a safe "local" URI:
+ *
+ * - non-empty
+ * - does not begin or end with a slash
+ * - no double slashes
+ * - no path component begins with a dot
+ */
+G_GNUC_PURE
+bool
+uri_safe_local(const char *uri);
+
+/**
* Removes HTTP username and password from the URI. This may be
* useful for displaying an URI without disclosing secrets. Returns
* NULL if nothing needs to be removed, or if the URI is not