Sanitize / purify SQL and JSON helpers

Functions
LWS_VISIBLE LWS_EXTERN const char *	lws_sql_purify (char *escaped, const char *string, int len)
LWS_VISIBLE LWS_EXTERN const char *	lws_json_purify (char *escaped, const char *string, int len)

Detailed Description

Sanitize / purify SQL and JSON helpers

APIs for escaping untrusted JSON and SQL safely before use

Function Documentation

lws_json_purify()

LWS_VISIBLE LWS_EXTERN const char* lws_json_purify	(	char *	escaped,
		const char *	string,
		int	len
	)

#include <lib/libwebsockets.h>

lws_json_purify() - like strncpy but with escaping for json chars

Parameters

escaped	output buffer
string	input buffer ('/0' terminated)
len	output buffer max length

Because escaping expands the output string, it's not possible to do it in-place, ie, with escaped == string

lws_sql_purify()

LWS_VISIBLE LWS_EXTERN const char* lws_sql_purify	(	char *	escaped,
		const char *	string,
		int	len
	)

#include <lib/libwebsockets.h>

lws_sql_purify() - like strncpy but with escaping for sql quotes

Parameters

escaped	output buffer
string	input buffer ('/0' terminated)
len	output buffer max length

Because escaping expands the output string, it's not possible to do it in-place, ie, with escaped == string