Hi,
* Tadeusz Sołnierz <tadzi...@gmail.com> [2009-11-02 09:39]:
> On  2-11-2009 02:15:25, Nico Golde wrote:
> > * Tadeusz Sołnierz <tadzi...@gmail.com> [2009-10-20 16:36]:
> > [...] 
> > > +showbmarks(Client *c, const Arg *arg) {
> > > + /* I wonder if 4 kB is too much or not enough */
> > > + char html[4096] = "";
> > > + /* same here. time will tell */
> > > + char uri[128];
> > > + FILE *f;
> > > + stop(c, NULL);
> > > + f = fopen(bmarksfile, "r");
> > > + while(fscanf(f, "%127s\n", uri) != EOF) {
> > > +         snprintf(&html[strlen(html)], sizeof(html) - strlen(html),
> > > +                 "<a href='%s'>%s</a><br />", uri, uri);
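Review bot: The result of fopen(bmarksfile, "r") goes straight into fscanf without a NULL check, so a missing or unreadable bookmarks file means fscanf is called on a NULL FILE pointer; return early when f is NULL. In the snprintf call, uri is written unescaped into a single-quoted href and into the link text, so a line containing ' or < changes the markup of the generated page; escape &, <, >, " and ' before formatting. The fixed html[4096] buffer is also truncated silently once it is full, which can end the output in the middle of a tag; check the snprintf return value and stop adding entries when one no longer fits.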
> > 
> > You may want to html escape the uri, not?
>  
> Well, there are some security reasons, if that's what you mean. But
> my tiny investigation (I mean, entering query string to google
> containing html tags) showed that they become urlencoded by the app
> itself, so it seems safe to me. If there's anything I don't know, please
> let me know.

OK fine. Yes that was what I meant.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
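
The HTML escaping asked about in the review above, as an added example that is not part of the original mail or of the patch: each URI is escaped before it goes into the single-quoted href and the link text, and an entry that does not fit in the buffer is dropped whole. The function names html_escape_cat and append_bmark are hypothetical, and the URI in main is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Append HTML-escaped src to the string in dst; -1 (dst unchanged) if no room. */
static int html_escape_cat(char *dst, size_t dstsize, const char *src) {
	size_t start = strlen(dst), pos = start, n;

	for(; *src; src++) {
		const char *rep = NULL;
		switch(*src) {
		case '&': rep = "&amp;"; break;
		case '<': rep = "&lt;"; break;
		case '>': rep = "&gt;"; break;
		case '"': rep = "&quot;"; break;
		case '\'': rep = "&#39;"; break; /* the href is single-quoted */
		}
		n = rep ? strlen(rep) : 1;
		if(pos + n >= dstsize) { /* keep one byte for the NUL */
			dst[start] = '\0'; /* undo the partial append */
			return -1;
		}
		memcpy(dst + pos, rep ? rep : src, n);
		pos += n;
	}
	dst[pos] = '\0';
	return 0;
}

/* Append one link; an entry that does not fit is dropped whole, not cut mid-tag. */
static int append_bmark(char *html, size_t size, const char *uri) {
	char esc[127 * 6 + 1] = ""; /* uri is at most 127 bytes, each up to "&quot;" */
	size_t start = strlen(html);
	int n;

	if(html_escape_cat(esc, sizeof(esc), uri) < 0)
		return -1;
	n = snprintf(html + start, size - start, "<a href='%s'>%s</a><br />", esc, esc);
	if(n < 0 || (size_t)n >= size - start) {
		html[start] = '\0';
		return -1;
	}
	return 0;
}

int main(void) {
	char html[4096] = "";
	append_bmark(html, sizeof(html), "http://example.org/?q='><b>"); /* constructed */
	puts(html);
	return 0;
}
```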
