oysteikt
/
mpd
0
0
Fork 0
Code Issues Pull Requests Releases Activity

song_print: hide HTTP password in playlist 

Added the uri_remove_auth() library function which strips username
and password from a HTTP URI, and use it in song_print_url().  This
allows you to add HTTP URIs to the playlist including secret username
and password, without disclosing it to all MPD clients.
This commit is contained in:
Max Kellermann 2009-02-27 19:20:11 +01:00
parent 9dd00dfab7
commit eae0287466
4 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@ -2,6 +2,7 @@ ver 0.15 - (200?/??/??)
* input: * input:
- parse Icy-Metadata - parse Icy-Metadata
- added support for the MMS protocol - added support for the MMS protocol
- hide HTTP password in playlist
* tags: * tags:
- support the "album artist" tag - support the "album artist" tag
- support MusicBrainz tags - support MusicBrainz tags

12
src/song_print.c
View File

@ -22,6 +22,7 @@
#include "directory.h" #include "directory.h"
#include "tag_print.h" #include "tag_print.h"
#include "client.h" #include "client.h"
#include "uri.h"
void void
song_print_url(struct client *client, struct song *song) song_print_url(struct client *client, struct song *song)
@ -30,7 +31,16 @@ song_print_url(struct client *client, struct song *song)
client_printf(client, "%s%s/%s\n", SONG_FILE, client_printf(client, "%s%s/%s\n", SONG_FILE,
directory_get_path(song->parent), song->url); directory_get_path(song->parent), song->url);
} else { } else {
client_printf(client, "%s%s\n", SONG_FILE, song->url); char *allocated;
const char *uri;
uri = allocated = uri_remove_auth(song->url);
if (uri == NULL)
uri = song->url;
client_printf(client, "%s%s\n", SONG_FILE, uri);
g_free(allocated);
} }
} }

32
src/uri.c
View File

@ -35,3 +35,35 @@ uri_get_suffix(const char *uri)
return dot != NULL ? dot + 1 : NULL; return dot != NULL ? dot + 1 : NULL;
} }
char *
uri_remove_auth(const char *uri)
{
const char *auth, *slash, *at;
char *p;
if (strncmp(uri, "http://", 7) == 0)
auth = uri + 7;
else if (strncmp(uri, "https://", 8) == 0)
auth = uri + 8;
else
/* unrecognized URI */
return NULL;
slash = strchr(auth, '/');
if (slash == NULL)
slash = auth + strlen(auth);
at = memchr(auth, '@', slash - auth);
if (at == NULL)
/* no auth info present, do nothing */
return NULL;
/* duplicate the full URI and then delete the auth
information */
p = g_strdup(uri);
memmove(p + (auth - uri), p + (at + 1 - uri),
strlen(at));
return p;
}

9
src/uri.h
View File

@ -30,4 +30,13 @@ bool uri_has_scheme(const char *uri);
const char * const char *
uri_get_suffix(const char *uri); uri_get_suffix(const char *uri);
/**
* Removes HTTP username and password from the URI. This may be
* useful for displaying an URI without disclosing secrets. Returns
* NULL if nothing needs to be removed, or if the URI is not
* recognized.
*/
char *
uri_remove_auth(const char *uri);
#endif #endif