Hello,

I have been using Erlang-Web for a while, that's a real time-saver.

I possiblly found a *problem* in wtype_string and related basic wtypes. Here
is the detail.

When validating an input string (for example a UTF-8 encoded string containing
Chinese/Japanese/Korean characters), the wtype_string:validate function uses
utf8_api:ulength to decode the UTF-8 bytes into a string and so gets the
correct length. It's a careful design, but not enough: the returned string
needs to be decoded as well.

The attached file is a rough patch.

Basically, I just changed the utf8_api.erl to export a new function
ustring() and use it in wtype_string, wtype_text and wtype_password. It's
just try the utf8 decoder anyway, if falure(eg, not a utf8 encoding string),
just return the input string. In most case, this is a acceptable
solution(utf8 is widly used), but may not fit for all scenarios.

To solve the problem totally, possiblly we needs to modify the
e_mod_inet.erl add some code to detect the charset value in request's http
content-type header(such as {"content-type", "form-post-url-encode;
charset=ANY_ENCODING"}), and using the right decoder(such as: big-5,
shift-js, gbk and so on) to parse the input. But it's hard to find those
decoders in Erlang, and the utf8 is the most adaptable and standard choice.

Regards.

Jackyz.
diff -r fdd080bd470e lib/wpart-1.4/src/utf8_api.erl
--- a/lib/wpart-1.4/src/utf8_api.erl	Mon Nov 30 15:45:29 2009 +0100
+++ b/lib/wpart-1.4/src/utf8_api.erl	Fri Jan 15 16:02:25 2010 +0800
@@ -2,13 +2,20 @@
 %% written by Per Gustafsson http://user.it.uu.se/~pergu 
 
 -module(utf8_api).
--export([ulength/1]).
+-export([ulength/1, ustring/1]).
 
 %% @doc takes regular string encoded in utf.
 ulength(String) ->
     {Res, List} = utf8:from_binary(list_to_binary(String)),
-    Length = if 
-        Res == ok -> length(List);
-        true -> Res
-    end,
-    Length.
+    if 
+	Res == ok -> length(List);
+	true -> Res
+    end.
+
+ustring(RawString) ->
+    case (catch utf8:from_binary(list_to_binary(RawString))) of
+	{ok, String} ->
+	    String;
+	_ ->
+	    RawString
+    end.
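Review bot: `ustring/1` hides every decode failure behind the old-style `catch` and the `_` clause, so input that is not valid UTF-8 is handed back as raw bytes and the wtype validators accept it unchanged, with the length limits then counting bytes instead of characters. The function therefore returns either code points or bytes, and the caller cannot tell which. I would narrow it to a `try ... of ... catch` so that only the expected failures fall back, add a `@doc` that states the fallback, and consider whether `validate` should reject undecodable input instead. The non-`ok` tuple shape below is inferred from the `{Res, List}` match in `ulength/1`, and the exceptions `utf8:from_binary/1` can raise should be confirmed.

```erlang
%% @doc Decodes a UTF-8 encoded byte list into a list of code points.
%% Returns the input unchanged when it cannot be decoded.
ustring(RawString) ->
    try utf8:from_binary(list_to_binary(RawString)) of
        {ok, String} -> String;
        {_NotOk, _} -> RawString
    catch
        %% list_to_binary/1 fails on elements above 255 (already decoded input)
        error:badarg -> RawString
    end.
```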
diff -r fdd080bd470e lib/wparts-1.4/src/wtype_password.erl
--- a/lib/wparts-1.4/src/wtype_password.erl	Mon Nov 30 15:45:29 2009 +0100
+++ b/lib/wparts-1.4/src/wtype_password.erl	Fri Jan 15 16:02:25 2010 +0800
@@ -80,7 +80,7 @@
 check_min_length(String, Types) ->
     case lists:keysearch(min_length, 1, Types) of
 	{value, {min_length, Min}} ->
-            N = utf8_api:ulength(String),
+            N = length(String),
     	    if
 		N < Min ->
 		    {error, {too_short, String}};
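Review bot: In wtype_password the length checks now use `length(String)`, but no hunk in this file adds the `utf8_api:ustring/1` call that wtype_string and wtype_text get in their `validate` clauses, so unless the password is decoded somewhere outside the visible hunks, `N` is a byte count. For a multi-byte password that makes `min_length` easier to satisfy than the policy intends, since a CJK character typically counts as three bytes. The `check_max_length` hunk below has the same issue in the other direction. Either decode in this module's `validate` as well, `String = utf8_api:ustring(RawString),`, or keep `N = utf8_api:ulength(String),` here. Both functions continue past the end of their hunks.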
@@ -94,7 +94,7 @@
 check_max_length(String, Types) ->
     case lists:keysearch(max_length, 1, Types) of
 	{value, {max_length, Max}} ->
-            N = utf8_api:ulength(String),
+            N = length(String),
 	    if
 		N > Max ->
 		    {error, {too_long, String}};
diff -r fdd080bd470e lib/wparts-1.4/src/wtype_string.erl
--- a/lib/wparts-1.4/src/wtype_string.erl	Mon Nov 30 15:45:29 2009 +0100
+++ b/lib/wparts-1.4/src/wtype_string.erl	Fri Jan 15 16:02:25 2010 +0800
@@ -45,7 +45,8 @@
             end
     end;
 
-validate({Types,String}) when is_list(String) -> 
+validate({Types,RawString}) when is_list(RawString) -> 
+    String = utf8_api:ustring(RawString),
     case wpart_valid:is_private(Types) of
 	true ->
 	    {ok, String};
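Review bot: `validate/1` now returns the decoded list in `{ok, String}`, which changes what callers receive: a list of code points when decoding succeeded and the original bytes when it did not, with no way to tell the two apart. A list that was already decoded and happens to form valid UTF-8 byte sequences would also be decoded a second time. This deserves a comment above the clause, e.g. `%% Input is decoded from UTF-8 here; {ok, String} carries code points, or the raw bytes if decoding failed.`, and code that stores or renders the value has to encode it again. The same applies to the `validate` clause in wtype_text.erl; both clauses continue outside their hunks.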
@@ -71,7 +72,7 @@
 check_min_length(String, Types) ->
     case lists:keysearch(min_length, 1, Types) of
 	{value, {min_length, Min}} ->
-            N = utf8_api:ulength(String),
+            N = length(String),
     	    if
 		N < Min ->
 		    {error, {too_short, String}};
@@ -85,7 +86,7 @@
 check_max_length(String, Types) ->
     case lists:keysearch(max_length, 1, Types) of
 	{value, {max_length, Max}} ->
-            N = utf8_api:ulength(String),
+            N = length(String),
 	    if
 		N > Max ->
 		    {error, {too_long, String}};
diff -r fdd080bd470e lib/wparts-1.4/src/wtype_text.erl
--- a/lib/wparts-1.4/src/wtype_text.erl	Mon Nov 30 15:45:29 2009 +0100
+++ b/lib/wparts-1.4/src/wtype_text.erl	Fri Jan 15 16:02:25 2010 +0800
@@ -43,7 +43,8 @@
             end
     end;
 
-validate({Types,Text}) when is_list(Text) ->
+validate({Types,RawText}) when is_list(RawText) ->
+    Text = utf8_api:ustring(RawText),
     case wpart_valid:is_private(Types) of
 	true ->
 	    {ok, Text};
@@ -70,7 +71,7 @@
 check_min_length(String, Types) ->
     case lists:keysearch(min_length, 1, Types) of
 	{value, {min_length, Min}} ->
-            X = utf8_api:ulength(String),
+            X = length(String),
 	    if
 		 X < Min ->
 		    {error, {too_short, String}};
@@ -84,7 +85,7 @@
 check_max_length(String, Types) ->
     case lists:keysearch(max_length, 1, Types) of
 	{value, {max_length, Max}} ->
-	    X = utf8_api:ulength(String),
+	    X = length(String),
             if
 		X > Max ->
 		    {error, {too_long, String}};