diff options
Diffstat (limited to '')
-rw-r--r-- | libnetdata/url/url.c (renamed from src/url.c) | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/url.c b/libnetdata/url/url.c index 6be4d9648..07a9f8069 100644 --- a/src/url.c +++ b/libnetdata/url/url.c @@ -1,4 +1,6 @@ -#include "common.h" +// SPDX-License-Identifier: GPL-3.0-or-later + +#include "../libnetdata.h" // ---------------------------------------------------------------------------- // URL encode / decode @@ -58,7 +60,9 @@ char *url_decode_r(char *to, char *url, size_t size) { while(*s && d < e) { if(unlikely(*s == '%')) { if(likely(s[1] && s[2])) { - *d++ = from_hex(s[1]) << 4 | from_hex(s[2]); + char t = from_hex(s[1]) << 4 | from_hex(s[2]); + // avoid HTTP header injection + *d++ = (char)((isprint(t))? t : ' '); s += 2; } } |