diff options
| author | dequis <dx@dxzone.com.ar> | 2015-03-01 04:23:08 -0300 |
|---|---|---|
| committer | dequis <dx@dxzone.com.ar> | 2015-03-01 17:46:41 -0300 |
| commit | b0542e479435c9558d8c77f85a575dabdd61df92 (patch) | |
| tree | 86c263cc180ea7230404f6beab358a8fb2663e92 | |
| parent | 97f5a33c90cd22c4a03d3dda61e09be9b67091d9 (diff) | |
| download | bitlbee-facebook-b0542e479435c9558d8c77f85a575dabdd61df92.tar.gz bitlbee-facebook-b0542e479435c9558d8c77f85a575dabdd61df92.tar.bz2 bitlbee-facebook-b0542e479435c9558d8c77f85a575dabdd61df92.tar.xz | |
facebook-json: add fb_json_str_escape() to properly escape messages
Fixes issues such as losing messages that include a quote character.
Only escapes the minimum needed to work - control characters,
backslashes and quotes. UTF-8 chars are still valid json, so they are
sent as-is.
| -rw-r--r-- | facebook/facebook-api.c | 7 | ||||
| -rw-r--r-- | facebook/facebook-json.c | 32 | ||||
| -rw-r--r-- | facebook/facebook-json.h | 2 |
3 files changed, 40 insertions, 1 deletions
diff --git a/facebook/facebook-api.c b/facebook/facebook-api.c index a96175f..6c7fc1d 100644 --- a/facebook/facebook-api.c +++ b/facebook/facebook-api.c @@ -956,6 +956,7 @@ void fb_api_message(fb_api_t *api, fb_id_t id, gboolean thread, { guint64 msgid; const gchar *tpfx; + gchar *escaped; g_return_if_fail(api != NULL); g_return_if_fail(msg != NULL); @@ -963,12 +964,16 @@ void fb_api_message(fb_api_t *api, fb_id_t id, gboolean thread, msgid = FB_API_MSGID(g_get_real_time() / 1000, g_random_int()); tpfx = thread ? "tfbid_" : ""; + escaped = fb_json_str_escape(msg); + fb_api_publish(api, "/send_message2", "{" "\"body\":\"%s\"," "\"to\":\"%s%" FB_ID_FORMAT "\"," "\"sender_fbid\":\"%" FB_ID_FORMAT "\"," "\"msgid\":%" G_GUINT64_FORMAT - "}", msg, tpfx, id, api->uid, msgid); + "}", escaped, tpfx, id, api->uid, msgid); + + g_free(escaped); } /** diff --git a/facebook/facebook-json.c b/facebook/facebook-json.c index 6d26289..70f0b39 100644 --- a/facebook/facebook-json.c +++ b/facebook/facebook-json.c @@ -314,3 +314,35 @@ gboolean fb_json_str_chk(const json_value *json, const gchar *name, *val = jv->u.string.ptr; return TRUE; } + +/** + * Backslash-escapes a string to make it safe for json. The returned string + * should be freed with #g_free() when no longer needed. + * + * @param str The string to escape. + * + * @return The resulting string, or NULL on error. + **/ +gchar *fb_json_str_escape(const gchar *str) +{ + GString *out; + guint i; + + g_return_val_if_fail(str != NULL, NULL); + + /* let's overallocate a bit */ + out = g_string_sized_new(strlen(str) * 2); + + for (i = 0; str[i] != '\0'; i++) { + if ((str[i] > 0) && (str[i] < 0x20)) { + g_string_append_printf(out, "\\u%04x", str[i]); + continue; + } + if ((str[i] == '"') || (str[i] == '\\')) { + g_string_append_c(out, '\\'); + } + g_string_append_c(out, str[i]); + } + + return g_string_free(out, FALSE); +} diff --git a/facebook/facebook-json.h b/facebook/facebook-json.h index 1720137..9fecbab 100644 --- a/facebook/facebook-json.h +++ b/facebook/facebook-json.h @@ -71,4 +71,6 @@ const gchar *fb_json_str(const json_value *json, const gchar *name); gboolean fb_json_str_chk(const json_value *json, const gchar *name, const gchar **val); +gchar *fb_json_str_escape(const gchar *str); + #endif /* _FACEBOOK_JSON_H */ |