From dfa8b1c475ba97b65f454cea9491ed6307096b54 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sat, 19 Apr 2025 18:01:14 +0800 Subject: [PATCH] =?UTF-8?q?=E7=8E=B0=E5=9C=A8=E5=8F=AF=E4=BB=A5=E8=BF=9E?= =?UTF-8?q?=E6=8E=A5=E5=90=8D=E7=A7=B0=E5=B8=A6=E7=89=B9=E6=AE=8A=E7=AC=A6?= =?UTF-8?q?=E5=8F=B7=E7=9A=84wifi=EF=BC=8C=E4=BE=8B=E5=A6=82=E6=9C=89?= =?UTF-8?q?=E7=A9=BA=E6=A0=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- TC1/http_server/app_httpd.c | 64 +++++++++++++++++++++++++++++----- TC1/http_server/web/index.html | 10 +++--- 2 files changed, 61 insertions(+), 13 deletions(-) diff --git a/TC1/http_server/app_httpd.c b/TC1/http_server/app_httpd.c index bdde3b7..a26dab6 100644 --- a/TC1/http_server/app_httpd.c +++ b/TC1/http_server/app_httpd.c @@ -36,6 +36,11 @@ #include #include "stdlib.h" +#include +#include +#include +#include + #include "mico.h" #include "httpd_priv.h" #include "app_httpd.h" @@ -430,19 +435,62 @@ static int HttpGetWifiConfig(httpd_request_t *req) { return err; } + +// 单个十六进制字符转数字(安全) +static int hex_char_to_int(char c) { + if ('0' <= c && c <= '9') return c - '0'; + if ('a' <= c && c <= 'f') return c - 'a' + 10; + if ('A' <= c && c <= 'F') return c - 'A' + 10; + return -1; +} + +// 健壮版 URL 解码函数 +void url_decode(const char *src, char *dest, size_t max_len) { + size_t i = 0; + while (*src && i < max_len - 1) { + if (*src == '%') { + if (isxdigit((unsigned char)src[1]) && isxdigit((unsigned char)src[2])) { + int high = hex_char_to_int(src[1]); + int low = hex_char_to_int(src[2]); + if (high >= 0 && low >= 0) { + dest[i++] = (char)((high << 4) | low); + src += 3; + continue; + } + } + // 非法编码,跳过 % + src++; + } else if (*src == '+') { + dest[i++] = ' '; + src++; + } else { + dest[i++] = *src++; + } + } + dest[i] = '\0'; +} + static int HttpSetWifiConfig(httpd_request_t *req) { OSStatus err = kNoErr; - int buf_size = 97; - char *buf = malloc(buf_size); - int mode = -1; - char *wifi_ssid = malloc(32); - char *wifi_key = malloc(32); + char *buf = malloc(256); + char *ssid_enc = malloc(128); + char *key_enc = malloc(128); + char *wifi_ssid = malloc(128); + char *wifi_key = malloc(128); + int mode = -1; - err = httpd_get_data(req, buf, buf_size); + + + err = httpd_get_data(req, buf, 256); require_noerr(err, exit); - - sscanf(buf, "%d %s %s", &mode, wifi_ssid, wifi_key); + // 假设 httpd_get_data(req, buf, 256); +// tc1_log("wifi config %s",buf); + sscanf(buf, "%d %s %s", &mode, ssid_enc, key_enc); +// tc1_log("wifi config %s %s",ssid_enc,key_enc); + url_decode(ssid_enc, wifi_ssid,128); + url_decode(key_enc, wifi_key,128); +// tc1_log("wifi config decode %s %s",wifi_ssid,wifi_key); if (mode == 1) { WifiConnect(wifi_ssid, wifi_key); } else { diff --git a/TC1/http_server/web/index.html b/TC1/http_server/web/index.html index d847238..1fedc8c 100644 --- a/TC1/http_server/web/index.html +++ b/TC1/http_server/web/index.html @@ -1235,15 +1235,15 @@ componentHandler.upgradeDom(); var mode = $("#custom_station").prop("checked") ? 1 : 0; var ssid = $("#custom_ssid").val(); var passwd = $("#custom_password").val(); - if (ContainQM(ssid) || ContainQM(passwd)) { - alert(qm_mess); - return; - } + //if (ContainQM(ssid) || ContainQM(passwd)) { + // alert(qm_mess); + // return; + //} if (passwd.length < 8) { alert(le_mess); return; } - var params = mode + " " + ssid + " " + passwd; + var params = mode + " " + encodeURIComponent(ssid) + " " + encodeURIComponent(passwd); HttpPost("/wifi/config", function (re) { ShowToast(re); }, params);