[Fix] Correct HTML attribute value offset calculation 5676/head
authorVsevolod Stakhov <vsevolod@rspamd.com>
Tue, 14 Oct 2025 10:07:35 +0000 (11:07 +0100)
committerVsevolod Stakhov <vsevolod@rspamd.com>
Tue, 14 Oct 2025 10:07:35 +0000 (11:07 +0100)
Fix two issues in HTML parser attribute value span calculation:
1. Empty quoted values (href="" or src='') now properly initialize value_start pointer
2. Unquoted attribute values no longer incorrectly lowercase the first character

src/libserver/html/html.cxx

index 8a1439fb43d8dcc77a6a0e35f9c4489a4ad97b8b..1e982236d16a6780a86d36b3b764fac0988ae763 100644 (file)
@@ -1113,7 +1113,7 @@ html_parse_tag_content(rspamd_mempool_t *pool,
                        if (parser_env.value_start == nullptr) {
                                parser_env.value_start = in;
                        }
-                       store_value_character(true);
+                       store_value_character(false);
                        state = parse_value;
                }
                break;
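Review bot: The bare `false` passed to `store_value_character` here, and again at the top of the next hunk, does not say what it switches off; only the commit description reveals that it controls lowercasing of the stored character. A short comment at both call sites would keep a later edit from flipping it back, e.g. `// false: keep the original case of the first unquoted value character`. If the reason is that the stored bytes must agree with the span that starts at `value_start`, the comment should say so. The enclosing `html_parse_tag_content` starts and ends outside this hunk, so the helper's definition is not visible here.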
@@ -1133,13 +1133,17 @@ html_parse_tag_content(rspamd_mempool_t *pool,
                        if (parser_env.value_start == nullptr) {
                                parser_env.value_start = in;
                        }
-                       store_value_character(true);
+                       store_value_character(false);
                        state = parse_value;
                }
                break;
 
        case parse_start_dquote:
                if (*in == '"') {
+                       // Empty quoted value - set value_start to point to the closing quote
+                       if (parser_env.value_start == nullptr) {
+                               parser_env.value_start = in;
+                       }
                        store_component_value();
                        state = spaces_after_param;
                }
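Review bot: In the `parse_start_dquote` branch the added `if (parser_env.value_start == nullptr)` guard keeps whatever pointer is already stored, so the fix for `href=""` is only correct if `value_start` is reset to `nullptr` after every attribute, and that reset is outside this hunk. If this branch is reached only for an empty value, as the new comment says, a plain `parser_env.value_start = in;` states the invariant directly and cannot pair a stale start pointer from an earlier attribute with the current position when the span is computed. The same applies to the identical block added under `parse_start_squote` in the next hunk. A regression test with an empty quoted value following a non-empty attribute would pin this down.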
@@ -1155,6 +1159,10 @@ html_parse_tag_content(rspamd_mempool_t *pool,
 
        case parse_start_squote:
                if (*in == '\'') {
+                       // Empty quoted value - set value_start to point to the closing quote
+                       if (parser_env.value_start == nullptr) {
+                               parser_env.value_start = in;
+                       }
                        store_component_value();
                        state = spaces_after_param;
                }