From: Holger Schemel Date: Mon, 21 Jun 2021 14:14:13 +0000 (+0200) Subject: added escaping special characters in JSON strings for HTTP requests X-Git-Tag: 4.3.0.0~125 X-Git-Url: https://git.artsoft.org/?a=commitdiff_plain;h=59eaf44062103c506fec5dc12431f7df7eb28009;p=rocksndiamonds.git added escaping special characters in JSON strings for HTTP requests --- diff --git a/src/files.c b/src/files.c index 9da8f609..75f0fe08 100644 --- a/src/files.c +++ b/src/files.c @@ -9274,6 +9274,11 @@ static void UploadScoreToServerExt(struct HttpRequest *request, return; } + char *levelset_identifier = getEscapedJSON(leveldir_current->identifier); + char *levelset_name = getEscapedJSON(leveldir_current->name); + char *levelset_author = getEscapedJSON(leveldir_current->author); + char *player_name = getEscapedJSON(score_entry->name); + snprintf(request->body, MAX_HTTP_BODY_SIZE, "{\n" " \"game_version\": \"%s\",\n" @@ -9290,13 +9295,13 @@ static void UploadScoreToServerExt(struct HttpRequest *request, " \"tape\": \"%s\"\n" "}\n", getProgramRealVersionString(), - leveldir_current->identifier, - leveldir_current->name, - leveldir_current->author, + levelset_identifier, + levelset_name, + levelset_author, leveldir_current->levels, leveldir_current->first_level, level_nr, - score_entry->name, + player_name, score_entry->score, score_entry->time, score_entry->tape_basename, @@ -9304,6 +9309,11 @@ static void UploadScoreToServerExt(struct HttpRequest *request, checked_free(tape_base64); + checked_free(levelset_identifier); + checked_free(levelset_name); + checked_free(levelset_author); + checked_free(player_name); + ConvertHttpRequestBodyToServerEncoding(request); if (!DoHttpRequest(request, response))