html: double escape literal + in URLs

It's unclear whether this is correct or whether my server is double
decoding.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/html.c b/html.c
index 0bac34bcf82b3a31ad3dda25f7c7bcee3d9d8f3a..1b00173560a0d68a717e9aaded468deb4d7d0688 100644 (file)
--- a/html.c
+++ b/html.c
@@ -17,7 +17,7 @@ static const char* url_escape_table[256] = {
        "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17",
        "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f",
        "%20", NULL,  "%22", "%23", NULL,  "%25", "%26", "%27",
-       NULL,  NULL,  NULL,  "%2b", NULL,  NULL,  NULL,  NULL,
+       NULL,  NULL,  NULL,  "%252b", NULL,  NULL,  NULL,  NULL,
        NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
        NULL,  NULL,  NULL,  NULL,  "%3c", "%3d", "%3e", "%3f",
        NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
@@ -200,7 +200,7 @@ void html_url_path(const char *txt)
        while (t && *t) {
                unsigned char c = *t;
                const char *e = url_escape_table[c];
-               if (e && c != '+' && c != '&') {
+               if (e && c != '&') {
                        html_raw(txt, t - txt);
                        html(e);
                        txt = t + 1;