1 /*
2  * HTML support functions for CUPS.
3  *
4  * Copyright 2007-2011 by Apple Inc.
5  * Copyright 1997-2006 by Easy Software Products.
6  *
7  * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
8  */
9 
10 /*
11  * Include necessary headers...
12  */
13 
14 #include "cgi-private.h"
15 
16 
17 /*
18  * Local globals...
19  */
20 
21 static const char	*cgi_multipart = NULL;
22 					/* Multipart separator, if any */
23 
24 
25 /*
26  * Local functions...
27  */
28 
29 static const char	*cgi_null_passwd(const char *prompt);
30 
31 
32 /*
33  * 'cgiEndHTML()' - End a HTML page.
34  */
35 
36 void
cgiEndHTML(void)37 cgiEndHTML(void)
38 {
39  /*
40   * Send the standard trailer...
41   */
42 
43   cgiCopyTemplateLang("trailer.tmpl");
44 }
45 
46 
47 /*
48  * 'cgiEndMultipart()' - End the delivery of a multipart web page.
49  */
50 
51 void
cgiEndMultipart(void)52 cgiEndMultipart(void)
53 {
54   if (cgi_multipart)
55   {
56     printf("\n%s--\n", cgi_multipart);
57     fflush(stdout);
58   }
59 }
60 
61 
62 /*
63  * 'cgiFormEncode()' - Encode a string as a form variable.
64  */
65 
66 char *					/* O - Destination string */
cgiFormEncode(char * dst,const char * src,size_t dstsize)67 cgiFormEncode(char       *dst,		/* I - Destination string */
68               const char *src,		/* I - Source string */
69 	      size_t     dstsize)	/* I - Size of destination string */
70 {
71   char			*dstptr,	/* Pointer into destination */
72 			*dstend;	/* End of destination */
73   static const char	*hex =		/* Hexadecimal characters */
74 			"0123456789ABCDEF";
75 
76 
77  /*
78   * Mark the end of the string...
79   */
80 
81   dstend = dst + dstsize - 1;
82 
83  /*
84   * Loop through the source string and copy...
85   */
86 
87   for (dstptr = dst; *src && dstptr < dstend;)
88   {
89     switch (*src)
90     {
91       case ' ' :
92          /*
93 	  * Encode spaces with a "+"...
94 	  */
95 
96           *dstptr++ = '+';
97 	  src ++;
98 	  break;
99 
100       case '&' :
101       case '%' :
102       case '+' :
103          /*
104 	  * Encode special characters with %XX escape...
105 	  */
106 
107           if (dstptr < (dstend - 2))
108 	  {
109 	    *dstptr++ = '%';
110 	    *dstptr++ = hex[(*src & 255) >> 4];
111 	    *dstptr++ = hex[*src & 15];
112 	    src ++;
113 	  }
114           break;
115 
116       default :
117          /*
118 	  * Copy other characters literally...
119 	  */
120 
121           *dstptr++ = *src++;
122 	  break;
123     }
124   }
125 
126  /*
127   * Nul-terminate the destination string...
128   */
129 
130   *dstptr = '\0';
131 
132  /*
133   * Return the encoded string...
134   */
135 
136   return (dst);
137 }
138 
139 
140 /*
141  * 'cgiStartHTML()' - Start a HTML page.
142  */
143 
144 void
cgiStartHTML(const char * title)145 cgiStartHTML(const char *title)		/* I - Title of page */
146 {
147  /*
148   * Disable any further authentication attempts...
149   */
150 
151   cupsSetPasswordCB(cgi_null_passwd);
152 
153  /*
154   * Tell the client to expect UTF-8 encoded HTML...
155   */
156 
157   if (cgi_multipart)
158     puts(cgi_multipart);
159 
160   puts("Content-Type: text/html;charset=utf-8\n");
161 
162  /*
163   * Send a standard header...
164   */
165 
166   cgiSetVariable("TITLE", title);
167   cgiSetServerVersion();
168 
169   cgiCopyTemplateLang("header.tmpl");
170 }
171 
172 
173 /*
174  * 'cgiStartMultipart()' - Start a multipart delivery of a web page.
175  */
176 
177 void
cgiStartMultipart(void)178 cgiStartMultipart(void)
179 {
180   puts("MIME-Version: 1.0\n"
181        "Content-Type: multipart/x-mixed-replace; boundary=\"CUPS-MULTIPART\"\n");
182   fflush(stdout);
183 
184   cgi_multipart = "--CUPS-MULTIPART";
185 }
186 
187 
188 /*
189  * 'cgiSupportsMultipart()' - Does the browser support multi-part documents?
190  */
191 
192 int					/* O - 1 if multi-part supported, 0 otherwise */
cgiSupportsMultipart(void)193 cgiSupportsMultipart(void)
194 {
195  /*
196   * Too many bug reports for browsers that don't support it, and too much pain
197   * to whitelist known-good browsers, so for now we just punt on multi-part
198   * support... :(
199   */
200 
201   return (0);
202 }
203 
204 
205 /*
206  * 'cgi_null_passwd()' - Return a NULL password for authentication.
207  */
208 
209 static const char *			/* O - NULL */
cgi_null_passwd(const char * prompt)210 cgi_null_passwd(const char *prompt)	/* I - Prompt string (unused) */
211 {
212   (void)prompt;
213 
214   fprintf(stderr, "DEBUG: cgi_null_passwd(prompt=\"%s\") called!\n",
215           prompt ? prompt : "(null)");
216 
217   return (NULL);
218 }
219