# HG changeset patch
# User Nathan Walp <nwalp@pidgin.im>
# Date 1050771640 0
# Node ID 6911a84cbab159165788b7553d2e74bad0c061b4
# Parent  591e8d9a4697586f909256fe85cedfdf65289df0
[gaim-migrate @ 5540]
chip reminded me that attributes can't contain &, <, etc.  this function
will become sentient soon, if we're not careful.

committer: Tailor Script <tailor@pidgin.im>

diff -r 591e8d9a4697 -r 6911a84cbab1 src/html.c
--- a/src/html.c	Sat Apr 19 16:40:53 2003 +0000
+++ b/src/html.c	Sat Apr 19 17:00:40 2003 +0000
@@ -2,6 +2,7 @@
  * gaim
  *
  * Copyright (C) 1998-1999, Mark Spencer <markster@marko.net>
+ *               2003, Nathan Walp <faceprint@faceprint.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -329,13 +330,17 @@
 };
 
 #define ALLOW_TAG_ALT(x, y) if(!g_ascii_strncasecmp(c, "<" x " ", strlen("<" x " "))) { \
-						const char *o = c + 1; \
+						const char *o = c + strlen("<" x); \
 						const char *p = NULL, *q = NULL, *r = NULL; \
-						while(*o) { \
+						GString *innards = g_string_new(""); \
+						while(o && *o) { \
 							if(!q && (*o == '\"' || *o == '\'') ) { \
 								q = o; \
 							} else if(q) { \
 								if(*o == *q) { \
+									char *unescaped = g_strndup(q+1, o-q-1); \
+									char *escaped = g_markup_escape_text(unescaped, -1); \
+									g_string_append_printf(innards, "%c%s%c", *q, escaped, *q); \
 									q = NULL; \
 								} else if(*c == '\\') { \
 									o++; \
@@ -345,6 +350,8 @@
 							} else if(*o == '>') { \
 								p = o; \
 								break; \
+							} else { \
+								innards = g_string_append_c(innards, *o); \
 							} \
 							o++; \
 						} \
@@ -357,12 +364,15 @@
 							} \
 							xhtml = g_string_append(xhtml, "<" y); \
 							c += strlen("<" x ); \
-							xhtml = g_string_append_len(xhtml, c, (p - c) + 1); \
+							xhtml = g_string_append(xhtml, innards->str); \
+							xhtml = g_string_append_c(xhtml, '>'); \
 							c = p + 1; \
 						} else { \
 							xhtml = g_string_append(xhtml, "&lt;"); \
 							plain = g_string_append_c(plain, '<'); \
+							c++; \
 						} \
+						g_string_free(innards, TRUE); \
 						continue; \
 					} \
 						if(!g_ascii_strncasecmp(c, "<" x, strlen("<" x)) && \
@@ -389,7 +399,8 @@
 	GString *plain = g_string_new("");
 	GList *tags = NULL, *tag;
 	const char *c = html;
-	while(*c) {
+
+	while(c && *c) {
 		if(*c == '<') {
 			if(*(c+1) == '/') { /* closing tag */
 				tag = tags;
diff -r 591e8d9a4697 -r 6911a84cbab1 src/util.c
--- a/src/util.c	Sat Apr 19 16:40:53 2003 +0000
+++ b/src/util.c	Sat Apr 19 17:00:40 2003 +0000
@@ -82,6 +82,7 @@
 	case '<':
 	case '>':
 	case '"':
+	case '\'':
 		return 1;
 	default:
 		return 0;