Commit 7e1180d8 authored by Pierre Ynard's avatar Pierre Ynard

access_http: support comments (parentheses) in user-agent

parent adc35019
......@@ -53,6 +53,7 @@
#endif
#include <assert.h>
#include <limits.h>
#ifdef HAVE_LIBPROXY
# include <proxy.h>
......@@ -320,16 +321,40 @@ static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access,
}
/* Determine the HTTP user agent */
/* See RFC2616 §2.2 token definition and §3.8 user-agent header */
/* See RFC2616 §2.2 token and comment definition, and §3.8 and
* §14.43 user-agent header */
p_sys->psz_user_agent = var_InheritString( p_access, "http-user-agent" );
if (p_sys->psz_user_agent)
{
unsigned comment_level = 0;
for( char *p = p_sys->psz_user_agent; *p; p++ )
{
uint8_t c = *p;
if( c < 32 || strchr( "()<>@,;:\\\"[]?={}", c ) )
if (comment_level == 0)
{
if( c < 32 || strchr( ")<>@,;:\\\"[]?={}", c ) )
*p = '_'; /* remove potentially harmful characters */
}
else
{
if (c == ')')
comment_level--;
else if( c < 32 && strchr( "\t\r\n", c ) == NULL)
*p = '_'; /* remove potentially harmful characters */
}
if (c == '(')
{
if (comment_level == UINT_MAX)
break;
comment_level++;
}
}
/* truncate evil unclosed comments */
if (comment_level > 0)
{
char *p = strchr(p_sys->psz_user_agent, '(');
*p = '\0';
}
}
/* HTTP referrer */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment