716
716
(!xmlStrcasecmp(cur->name, BAD_CAST "src")) ||
717
717
((!xmlStrcasecmp(cur->name, BAD_CAST "name")) &&
718
718
(!xmlStrcasecmp(cur->parent->name, BAD_CAST "a"))))) {
720
719
xmlChar *tmp = value;
720
/* xmlURIEscapeStr() escapes '"' so it can be safely used. */
721
xmlBufCCat(buf->buffer, "\"");
722
723
while (IS_BLANK_CH(*tmp)) tmp++;
725
* the < and > have already been escaped at the entity level
726
* And doing so here breaks server side includes
728
escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+<>");
729
if (escaped != NULL) {
730
xmlBufWriteQuotedString(buf->buffer, escaped);
733
xmlBufWriteQuotedString(buf->buffer, value);
725
/* URI Escape everything, except server side includes. */
730
xmlChar *start = (xmlChar *)xmlStrstr(tmp, BAD_CAST "<!--");
732
end = (xmlChar *)xmlStrstr(tmp, BAD_CAST "-->");
738
/* Escape the whole string, or until start (set to '\0'). */
739
escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+");
740
if (escaped != NULL) {
741
xmlBufCat(buf->buffer, escaped);
744
xmlBufCat(buf->buffer, tmp);
747
if (end == NULL) { /* Everything has been written. */
751
/* Do not escape anything within server side includes. */
752
*start = '<'; /* Restore the first character of "<!--". */
753
end += 3; /* strlen("-->") */
756
xmlBufCat(buf->buffer, start);
761
xmlBufCCat(buf->buffer, "\"");
736
763
xmlBufWriteQuotedString(buf->buffer, value);