* the key) has control or not. If validated, the context control_timestamp is
* updated.
* @param context The context to work in
- * @param key The control key to be validated.
* @return TRUE if authorized, FALSE if not.
*/
bool FCGI_HasControl(FCGIContext *context)
* Generic accept response in JSON format.
* @param context The context to work in
* @param description A short description.
- * @param cookie Optional. If given, the cookie field is set to that value.
*/
void FCGI_AcceptJSON(FCGIContext *context, const char *description)
{
/**
* Escapes a string so it can be used safely.
* Currently escapes to ensure the validity for use as a JSON string
- * Does not support unicode specifiers in the form of \uXXXX.
+ * Does not support unicode specifiers in the form of \\uXXXX.
* @param buf The string to be escaped
* @return The escaped string (return value == buf)
*/
char *FCGI_URLDecode(char *buf)
{
char *head = buf, *tail = buf;
- char hex[3] = {0};
+ char val, hex[3] = {0};
while (*tail) {
if (*tail == '%') { //%hh hex to char
if (isxdigit(*tail) && isxdigit(*(tail+1))) {
hex[0] = *tail++;
hex[1] = *tail++;
- *head++ = (char)strtol(hex, NULL, 16);
+ val = (char)strtol(hex, NULL, 16);
+ //Control codes --> Space character
+ *head++ = (val < 0x20) ? 0x20 : val;
} else { //Not valid format; keep original
head++;
}