diff --git a/favicon.ico b/favicon.ico new file mode 100644 index 000000000..8a0ccd519 Binary files /dev/null and b/favicon.ico differ diff --git a/src/httpserver/http_fns.c b/src/httpserver/http_fns.c index 8ab1c475e..91c465e9f 100644 --- a/src/httpserver/http_fns.c +++ b/src/httpserver/http_fns.c @@ -142,6 +142,22 @@ void postFormAction(http_request_t* request, char* action, char* value) { hprintf255(request, "
", action, value); } +/// @brief Generate a pair of label and field elements for Name type entry. The field is limited to entry of a-zA-Z0-9_- characters. +/// @param request +/// @param label +/// @param fieldId This also gets used as the field name +/// @param value +/// @param preContent +void add_label_name_field(http_request_t* request, char* label, char* fieldId, const char* value, char* preContent) { + if (strlen(preContent) > 0) { + poststr(request, preContent); + } + + hprintf255(request, "
", fieldId, label); + hprintf255(request, ""); +} + /// @brief Generate a pair of label and field elements. /// @param request /// @param label @@ -153,7 +169,6 @@ void add_label_input(http_request_t* request, char* inputType, char* label, char poststr(request, preContent); } - //These individual strings should be less than 256 .. yes hprintf255 uses 256 char buffer hprintf255(request, "
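Review bot: The a-zA-Z0-9_- limit promised in the doc comment of add_label_name_field can only be a browser-side hint, because this function only emits form markup (the markup itself is not legible on this page) and nothing in the hunk checks the submitted value. A request sent without a browser can still store arbitrary bytes as the device name, so the handler that receives `shortName` and `name` (presumably http_fn_cfg_name, whose saving code is outside this diff) should reject characters outside that set before storing them. The doc comment should say so, for example `/// @note The character limit is enforced by the browser only; the receiving handler must validate again.` Separately, `strlen(preContent) > 0` dereferences a NULL `preContent`; `if (preContent && *preContent)` covers both cases.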
", fieldId, label); hprintf255(request, "", inputType, fieldId, fieldId, value); } @@ -926,8 +941,9 @@ int http_fn_cfg_name(http_request_t* request) { CFG_Save_IfThereArePendingChanges(); poststr(request, "

Use this to change device names

"); - add_label_text_field(request, "ShortName", "shortName", CFG_GetShortDeviceName(), "
"); - add_label_text_field(request, "Full Name", "name", CFG_GetDeviceName(), "
"); + add_label_name_field(request, "ShortName", "shortName", CFG_GetShortDeviceName(), ""); + add_label_name_field(request, "Full Name", "name", CFG_GetDeviceName(), "
"); + poststr(request, "

"); poststr(request, "" "" ""; @@ -116,6 +119,64 @@ int my_strnicmp(const char* a, const char* b, int len) { return 0; } + +/// @brief Write escaped data to the response. +/// @param request +/// @param str +void poststr_escaped(http_request_t* request, char* str) { + if (str == NULL) { + postany(request, NULL, 0); + return; + } + + int i; + bool foundChar = false; + int len = strlen(str); + + //Do a quick check if escaping is necessary + for (i = 0; (foundChar == false) && (i < len); i++) { + switch (str[i]) { + case '<': + foundChar = true; + break; + case '>': + foundChar = true; + break; + case '&': + foundChar = true; + break; + case '"': + foundChar = true; + break; + } + } + + if (foundChar) { + for (i = 0; i < len; i++) { + switch (str[i]) { + case '<': + postany(request, "<", 4); + break; + case '>': + postany(request, ">", 4); + break; + case '&': + postany(request, "&", 5); + break; + case '"': + postany(request, """, 6); + break; + default: + postany(request, str + i, 1); + break; + } + } + } + else { + postany(request, str, strlen(str)); + } +} + bool http_startsWith(const char* base, const char* substr) { while (*substr != 0) { if (*base != *substr) 
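Review bot: poststr_escaped leaves `'` unescaped and takes a non-const `char* str`, which narrows where it can be used safely. An attribute written with single-quote delimiters would still be breakable by a stored value, so add `case '\'': postany(request, "&#39;", 5); break;` to the emitting switch and `case '\'':` to the pre-scan. The parameter should be `const char* str`, here and in the new_http.h prototype, so that configuration strings handled as `const char*` elsewhere in this diff can be passed without a cast. The entity literals appear decoded on this page; the lengths 4, 4, 5 and 6 suggest `&lt;`, `&gt;`, `&amp;` and `&quot;`, which is worth confirming against the file.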
@@ -167,17 +228,18 @@ void http_setup(http_request_t* request, const char* type) { void http_html_start(http_request_t* request, const char* pagename) { poststr(request, htmlDoctype); - poststr(request, ""); - poststr(request, CFG_GetDeviceName()); // todo: check escaping + poststr(request, "<head><title>"); + poststr(request, CFG_GetDeviceName()); if (pagename) { - poststr(request, " - "); - poststr(request, pagename); + hprintf255(request, " - %s", pagename); } poststr(request, ""); - poststr(request, htmlHeadMain); + poststr(request, htmlShortcutIcon); + poststr(request, htmlHeadMeta); poststr(request, htmlHeadStyle); + poststr(request, ""); poststr(request, htmlBodyStart); - poststr(request, CFG_GetDeviceName()); // todo: check escaping + poststr(request, CFG_GetDeviceName()); poststr(request, htmlBodyStart2); } @@ -424,7 +486,7 @@ int hprintf255(http_request_t* request, const char* fmt, ...) { va_list argList; //BaseType_t taken; char tmp[256]; - memset(tmp, 0, 256); + memset(tmp, 0, sizeof(tmp)); va_start(argList, fmt); vsnprintf(tmp, 255, fmt, argList); va_end(argList); diff --git a/src/httpserver/new_http.h b/src/httpserver/new_http.h index 8fb81dfff..21ecb2453 100644 --- a/src/httpserver/new_http.h +++ b/src/httpserver/new_http.h @@ -8,6 +8,10 @@ extern const char httpMimeTypeText[]; // TEXT MIME type extern const char httpMimeTypeJson[]; extern const char httpMimeTypeBinary[]; +extern const char htmlShortcutIcon[]; +extern const char htmlDoctype[]; +extern const char htmlHeadMeta[]; + extern const char htmlFooterReturnToMenu[]; extern const char htmlFooterRefreshLink[]; extern const char htmlFooterReturnToCfgLink[]; 
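Review bot: The two `// todo: check escaping` markers in http_html_start are removed, but `CFG_GetDeviceName()` is still written with plain `poststr`, once after the head is opened and once after `htmlBodyStart`. The device name is set through the name form, so any markup characters stored in it are sent back on every page that calls this function; http_rest_app in rest_interface.c writes the name the same way in this commit. poststr_escaped is added in this same file, so both places can call `poststr_escaped(request, CFG_GetDeviceName());` (its `char* str` parameter would need to be `const char*` if the getter returns a const pointer, as its use for a `const char* value` argument in http_fns.c suggests). `pagename` in `hprintf255(request, " - %s", pagename)` is also unescaped, which is safe only while every caller passes a literal.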
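Review bot: `vsnprintf(tmp, 255, fmt, argList)` two lines below the changed `memset` still hard-codes the size, and its return value is dropped, so output longer than the buffer is cut without any signal. This commit routes more configuration-derived text through hprintf255, notably the two `webhost` calls in http_rest_app that previously used unbounded `poststr`, and a cut in the middle of a tag or attribute leaves broken markup on the page. Use `int n = vsnprintf(tmp, sizeof(tmp), fmt, argList);` and treat `n < 0 || n >= (int)sizeof(tmp)` as an error, or at least log it. With `sizeof(tmp)` passed as the size the `memset` is no longer needed, because vsnprintf always terminates the buffer. The rest of hprintf255 lies outside the hunk.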
@@ -57,6 +61,7 @@ void http_setup(http_request_t* request, const char* type); void http_html_start(http_request_t* request, const char* pagename); void http_html_end(http_request_t* request); int poststr(http_request_t* request, const char* str); +void poststr_escaped(http_request_t* request, char* str); int postany(http_request_t* request, const char* str, int len); void misc_formatUpTimeString(int totalSeconds, char* o); // void HTTP_AddBuildFooter(http_request_t *request); @@ -82,3 +87,4 @@ typedef int (*http_callback_fn)(http_request_t* request); int HTTP_RegisterCallback(const char* url, int method, http_callback_fn callback); #endif + diff --git a/src/httpserver/rest_interface.c b/src/httpserver/rest_interface.c index ec5d09296..53847c652 100644 --- a/src/httpserver/rest_interface.c +++ b/src/httpserver/rest_interface.c @@ -53,7 +53,6 @@ static int http_rest_get_lfs_delete(http_request_t* request); static int http_rest_get_lfs_file(http_request_t* request); static int http_rest_post_lfs_file(http_request_t* request); #endif -static int http_favicon(http_request_t* request); static int http_rest_post_reboot(http_request_t* request); static int http_rest_post_flash(http_request_t* request, int startaddr, int maxaddr); @@ -78,57 +77,8 @@ void init_rest() { HTTP_RegisterCallback("/api/", HTTP_GET, http_rest_get); HTTP_RegisterCallback("/api/", HTTP_POST, http_rest_post); HTTP_RegisterCallback("/app", HTTP_GET, http_rest_app); - HTTP_RegisterCallback("/favicon.ico", HTTP_GET, http_favicon); } -const char* apppage1 = -"" -"" -" " -" " -" " -" " -"" -"" -""; - - /* Extracts string token value into outBuffer (128 char). Returns true if the operation was successful. */ bool tryGetTokenString(const char* json, jsmntok_t* tok, char* outBuffer) { int length; 
@@ -168,20 +118,20 @@ static int http_rest_get(http_request_t* request) { #ifdef BK_LITTLEFS if (!strcmp(request->url, "api/fsblock")) { - uint32_t newsize = CFG_GetLFS_Size(); - uint32_t newstart = (LFS_BLOCKS_END - newsize); + uint32_t newsize = CFG_GetLFS_Size(); + uint32_t newstart = (LFS_BLOCKS_END - newsize); - newsize = (newsize/LFS_BLOCK_SIZE)*LFS_BLOCK_SIZE; + newsize = (newsize / LFS_BLOCK_SIZE) * LFS_BLOCK_SIZE; - // double check again that we're within bounds - don't want - // boot overwrite or anything nasty.... - if (newstart < LFS_BLOCKS_START_MIN){ - return http_rest_error(request, -20, "LFS Size mismatch"); - } - if ((newstart + newsize > LFS_BLOCKS_END) || - (newstart + newsize < LFS_BLOCKS_START_MIN)){ - return http_rest_error(request, -20, "LFS Size mismatch"); - } + // double check again that we're within bounds - don't want + // boot overwrite or anything nasty.... + if (newstart < LFS_BLOCKS_START_MIN) { + return http_rest_error(request, -20, "LFS Size mismatch"); + } + if ((newstart + newsize > LFS_BLOCKS_END) || + (newstart + newsize < LFS_BLOCKS_START_MIN)) { + return http_rest_error(request, -20, "LFS Size mismatch"); + } return http_rest_get_flash(request, newstart, newsize); } 
@@ -266,20 +216,20 @@ static int http_rest_post(http_request_t* request) { if (lfs_present()) { release_lfs(); } - uint32_t newsize = CFG_GetLFS_Size(); - uint32_t newstart = (LFS_BLOCKS_END - newsize); + uint32_t newsize = CFG_GetLFS_Size(); + uint32_t newstart = (LFS_BLOCKS_END - newsize); - newsize = (newsize/LFS_BLOCK_SIZE)*LFS_BLOCK_SIZE; + newsize = (newsize / LFS_BLOCK_SIZE) * LFS_BLOCK_SIZE; - // double check again that we're within bounds - don't want - // boot overwrite or anything nasty.... - if (newstart < LFS_BLOCKS_START_MIN){ - return http_rest_error(request, -20, "LFS Size mismatch"); - } - if ((newstart + newsize > LFS_BLOCKS_END) || - (newstart + newsize < LFS_BLOCKS_START_MIN)){ - return http_rest_error(request, -20, "LFS Size mismatch"); - } + // double check again that we're within bounds - don't want + // boot overwrite or anything nasty.... + if (newstart < LFS_BLOCKS_START_MIN) { + return http_rest_error(request, -20, "LFS Size mismatch"); + } + if ((newstart + newsize > LFS_BLOCKS_END) || + (newstart + newsize < LFS_BLOCKS_START_MIN)) { + return http_rest_error(request, -20, "LFS Size mismatch"); + } // we are writing the lfs block int res = http_rest_post_flash(request, newstart, LFS_BLOCKS_END); @@ -313,13 +263,17 @@ static int http_rest_app(http_request_t* request) { const char* ourip = HAL_GetMyIPString(); //CFG_GetOurIP(); http_setup(request, httpMimeTypeHTML); if (webhost && ourip) { - poststr(request, apppage1); - poststr(request, webhost); - poststr(request, apppage2); - poststr(request, ourip); - poststr(request, apppage3); - poststr(request, webhost); - poststr(request, apppage4); + poststr(request, htmlDoctype); + + poststr(request, ""); + poststr(request, CFG_GetDeviceName()); + poststr(request, ""); + + poststr(request, htmlShortcutIcon); + poststr(request, htmlHeadMeta); + hprintf255(request, "", webhost, ourip); + hprintf255(request, "", webhost); + poststr(request, ""); } else { http_html_start(request, "Not available"); 
@@ -607,18 +561,18 @@ exit: return 0; } -static int http_favicon(http_request_t* request) { - request->url = "api/lfs/favicon.ico"; - return http_rest_get_lfs_file(request); -} +// static int http_favicon(http_request_t* request) { +// request->url = "api/lfs/favicon.ico"; +// return http_rest_get_lfs_file(request); +// } #else -static int http_favicon(http_request_t* request) { - request->responseCode = HTTP_RESPONSE_NOT_FOUND; - http_setup(request, httpMimeTypeHTML); - poststr(request, NULL); - return 0; -} +// static int http_favicon(http_request_t* request) { +// request->responseCode = HTTP_RESPONSE_NOT_FOUND; +// http_setup(request, httpMimeTypeHTML); +// poststr(request, NULL); +// return 0; +// } #endif @@ -788,7 +742,6 @@ static int http_rest_get_info(http_request_t* request) { http_setup(request, httpMimeTypeJson); hprintf255(request, "{\"uptime_s\":%d,", Time_getUpTimeSeconds()); hprintf255(request, "\"build\":\"%s\",", g_build_str); - hprintf255(request, "\"sys\":\"%s\",", obktype); hprintf255(request, "\"ip\":\"%s\",", HAL_GetMyIPString()); hprintf255(request, "\"mac\":\"%s\",", HAL_GetMACStr(macstr)); hprintf255(request, "\"mqtthost\":\"%s:%d\",", CFG_GetMQTTHost(), CFG_GetMQTTPort());
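Review bot: Both http_favicon variants are commented out rather than removed, although their prototype and the `/favicon.ico` registration are deleted elsewhere in this commit. Commented-out request handlers tend to be revived later without review, so delete the two blocks and rely on version history. If the reason needs recording, a single line does it better than dead code, for example `// /favicon.ico is no longer served by the device; see htmlShortcutIcon` (assuming that constant, whose value is not legible on this page, is what now references the icon).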