Mercurial > pidgin.yaz
comparison src/browser.c @ 3418:0d1af9166119
[gaim-migrate @ 3440]
Life is unhappy when you click a link that says
<a href="http://127.0.0.1 && rm -rf /">pr0n!</a>
Please don't try this on your friends. Update CVS :)
committer: Tailor Script <tailor@pidgin.im>
author | Christian Hammond <chipx86@chipx86.com> |
---|---|
date | Fri, 23 Aug 2002 23:22:26 +0000 |
parents | 68fdee3dd3ef |
children | 284a0ad6a7f0 |
comparison
equal
deleted
inserted
replaced
3417:68fdee3dd3ef | 3418:0d1af9166119 |
---|---|
557 } | 557 } |
558 } | 558 } |
559 | 559 |
560 } | 560 } |
561 | 561 |
562 #if !GTK_CHECK_VERSION(1,3,0) | |
563 /* From Glib 2.0 */ | |
564 /** | |
565 * g_shell_quote: | |
566 * @unquoted_string: a literal string | |
567 * | |
568 * Quotes a string so that the shell (/bin/sh) will interpret the | |
569 * quoted string to mean @unquoted_string. If you pass a filename to | |
570 * the shell, for example, you should first quote it with this | |
571 * function. The return value must be freed with g_free(). The | |
572 * quoting style used is undefined (single or double quotes may be | |
573 * used). | |
574 * | |
575 * Return value: quoted string | |
576 **/ | |
577 gchar* | |
578 g_shell_quote (const gchar *unquoted_string) | |
579 { | |
580 /* We always use single quotes, because the algorithm is cheesier. | |
581 * We could use double if we felt like it, that might be more | |
582 * human-readable. | |
583 */ | |
584 const gchar *p; | |
585 GString *dest; | |
586 | |
587 g_return_val_if_fail (unquoted_string != NULL, NULL); | |
588 | |
589 dest = g_string_new ("'"); | |
590 | |
591 p = unquoted_string; | |
592 | |
593 /* could speed this up a lot by appending chunks of text at a | |
594 * time. | |
595 */ | |
596 while (*p) | |
597 { | |
598 /* Replace literal ' with a close ', a \', and a open ' */ | |
599 if (*p == '\'') | |
600 g_string_append (dest, "'\\''"); | |
601 else | |
602 g_string_append_c (dest, *p); | |
603 ++p; | |
604 } | |
605 /* close the quote */ | |
606 g_string_append_c (dest, '\''); | |
607 | |
608 p = dest->str; | |
609 g_string_free (dest, FALSE); | |
610 return p; | |
611 } | |
612 #endif | |
613 | |
614 void open_url(GtkWidget *w, char *url) | 562 void open_url(GtkWidget *w, char *url) |
615 { | 563 { |
616 | 564 |
617 if (web_browser == BROWSER_NETSCAPE) { | 565 if (web_browser == BROWSER_NETSCAPE) { |
618 char *command; | 566 char *command; |
632 pid_t pid; | 580 pid_t pid; |
633 | 581 |
634 pid = fork(); | 582 pid = fork(); |
635 | 583 |
636 if (pid == 0) { | 584 if (pid == 0) { |
637 char *args[4]; | 585 char **args; |
638 char command[1024]; | 586 char command[1024]; |
639 char *quoted = NULL; | 587 char *quoted = NULL; |
640 | 588 |
641 if (web_browser == BROWSER_OPERA) { | 589 if (web_browser == BROWSER_OPERA) { |
642 args[0] = "opera"; | 590 args[0] = "opera"; |
661 } else if (web_browser == BROWSER_MOZILLA) { | 609 } else if (web_browser == BROWSER_MOZILLA) { |
662 args[0] = "mozilla"; | 610 args[0] = "mozilla"; |
663 args[1] = url; | 611 args[1] = url; |
664 args[2] = NULL; | 612 args[2] = NULL; |
665 } else if (web_browser == BROWSER_MANUAL) { | 613 } else if (web_browser == BROWSER_MANUAL) { |
666 g_snprintf(command, sizeof(command), web_command, quoted); | 614 gchar *space_free_url; |
667 quoted = g_shell_quote(command); | 615 space_free_url = g_strdelimit(url, " ", '+'); |
668 args[0] = "sh"; | 616 g_snprintf(command, sizeof(command), web_command, space_free_url); |
669 args[1] = "-c"; | 617 g_free(space_free_url); |
670 args[2] = quoted; | 618 args = g_strsplit(command, " ", 0); |
671 args[3] = NULL; | |
672 } | 619 } |
673 | 620 |
674 execvp(args[0], args); | 621 execvp(args[0], args); |
675 if (quoted) | 622 if (quoted) |
676 g_free(quoted); | 623 g_free(quoted); |