I think that the directory listing generated by httpd doesn't properly encode 
strings that are taken from C-variables. (function "server_file_index" in 
server_file.c)

e.g., filenames with spaces, or odd characters, produce non-functioning links.

I used the following directory structure to test:
mkdir test
echo "TEST" > test/test.txt
echo "Test" > test/.hidden.txt
echo "test ONCE more" > test/"test once more".txt
mkdir test/"<b> \\test\"&amp;\"&"
echo "&amp; test" > test/"<b> \\test\"&amp;\"&"/"&lt;b&gt;".txt

What I see:
- the file test/"test once more".txt cannot be displayed because it has spaces 
in its name. (doesn't appear to be a problem on CURRENT though)
- the directory test/"<b> \\test\"&amp;\"&" cannot be displayed either and 
will also cause subsequent characters to be printed in bold because of the 
<b> character sequence.
- the filename part of test/"<b> \\test\"&amp; \"&"/"&lt;b&gt;".txt is possibly 
rendered as <b>.txt.

AFAICT the C-variables need to be "HTML encoded" or both "URI percent 
encoded" and "HTML encoded" in case of URIs in hrefs.

I spotted the url_decode function but I don't immediately see any encoding 
functions so I'm wondering do encoding functions exist?

Just in case it's of interest, I ripped a "URI percent encode" and an "HTML 
encode" function from some hobby project of mine and used it to encode the 
C-variables. This appears to solve the issues described. Though I don't know for 
sure my code is anywhere near perfect, I can produce a diff if that's 
appreciated.

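The two encodings the message asks about, as an added example (not the poster's code and not httpd's own): the file name is percent-encoded for the href and HTML-escaped for the visible link text. The function names pct_encode, html_escape and index_entry and the 1024-byte scratch buffers are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Percent-encode one path component: every byte outside the RFC 3986
 * unreserved set becomes %XX. outlen must be at least 1. */
static int pct_encode(const char *in, char *out, size_t outlen)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t o = 0;
    for (; *in != '\0'; in++) {
        unsigned char c = (unsigned char)*in;
        if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
            (c >= '0' && c <= '9') || strchr("-._~", c)) {
            if (o + 1 >= outlen) return -1;
            out[o++] = (char)c;
        } else {
            if (o + 3 >= outlen) return -1;
            out[o++] = '%'; out[o++] = hex[c >> 4]; out[o++] = hex[c & 15];
        }
    }
    out[o] = '\0';
    return 0;
}

/* HTML-escape text for element content or a quoted attribute value.
 * outlen must be at least 1. */
static int html_escape(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    for (; *in != '\0'; in++) {
        char one[2] = { *in, '\0' };
        const char *rep = *in == '&' ? "&amp;" : *in == '<' ? "&lt;" :
            *in == '>' ? "&gt;" : *in == '"' ? "&quot;" :
            *in == '\'' ? "&#39;" : one;
        size_t n = strlen(rep);
        if (o + n >= outlen) return -1;   /* refuse to truncate */
        memcpy(out + o, rep, n); o += n;
    }
    out[o] = '\0';
    return 0;
}

/* Build one listing link. The percent-encoded href contains only
 * unreserved characters and %XX, so it needs no further HTML escaping. */
int index_entry(const char *name, char *out, size_t outlen)
{
    char href[1024], text[1024];   /* assumed scratch size */
    if (pct_encode(name, href, sizeof(href)) || html_escape(name, text, sizeof(text)))
        return -1;
    int n = snprintf(out, outlen, "<a href=\"%s\">%s</a>", href, text);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}
```

Returning -1 instead of truncating matters here: a cut-off escape sequence such as a partial `&lt;` or `%3` would itself produce a broken or misleading link.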