Moved html character escapeing to the server side

2 files changed, 25 insertions, 12 deletions

diff --git a/ws2a/bugsdata.c b/ws2a/bugsdata.c
index e587e4c..d04560e 100644
--- a/ws2a/bugsdata.c
+++ b/ws2a/bugsdata.c
@@ -56,9 +56,32 @@ void printbug(FILE* f){
       if(part != 2){
         printf("<td>");
       }
-    }
+    }else if(c == "&"){
+      printf("&amp;");
+    }else if(c == "\""){
+      printf("&quot;");
+    }else if(c == "'"){
+      printf("&#39;");
+    }else if(c == "<"){
+      printf("&lt;");
+    }else if(c == ">"){
+      printf("&gt;");
+    }else if(c == "\\"){
+      printf("&#x2F;");
     else{
       putchar(c);
     }
   }
 }
+
+/*
+function htmlEscape(str) {
+    return String(str)
+        .replace(/&/g, '&amp;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/\//g, '&#x2F;');
+}
+*/
diff --git a/ws2a/bugsload.js b/ws2a/bugsload.js
index 1212e15..4c8b007 100644
--- a/ws2a/bugsload.js
+++ b/ws2a/bugsload.js
@@ -1,18 +1,8 @@
-function htmlEscape(str) {
-    return String(str)
-        .replace(/&/g, '&amp;')
-        .replace(/"/g, '&quot;')
-        .replace(/'/g, '&#39;')
-        .replace(/</g, '&lt;')
-        .replace(/>/g, '&gt;')
-        .replace(/\//g, '&#x2F;');
-}
-
 function loadLastBugs() {
   var xhttp = new XMLHttpRequest();
   xhttp.onreadystatechange = function() {
     if (xhttp.readyState == 4 && xhttp.status == 200) {
-     document.getElementById("bugstable").innerHTML = htmlEscape(xhttp.responseText);
+     document.getElementById("bugstable").innerHTML = xhttp.responseText;
     }
   };
   xhttp.open("GET", "/cgi-bin/bugsdata.cgi", true);