Improved Json sanitization

It was important to fix this bug. It can let someone to prevent the esp8266 from scanning for APs just by sending beacons containing specifics characters in AP name.
Those characters will make the browser to misunderstand the json result of APScan.
For exemple if you put an anti-slash at the end of an AP name, you're browser will think that the " character of json delimitation is escaped and will interpret it as a ascii character.

-Created a sanitize method. APScan::sanitizeJson(String) to escape specific characters.

-SanitizeJson is used each time the result of getAPName is sent using Json data format.

- Removed _ssid.replace("\"", "\\\"")
It's important to not sanitize Ap names before saving them into a limited 33 chararacters array. Sanitize an AP name increase his size and so it can potentially decrease his final size when casted to a 33 chars array.

esp8266_deauther/APScan.cpp

@@ -29,7 +29,6 @@ bool APScan::start() {
     encryption[i] = WiFi.encryptionType(i);
     hidden[i] = WiFi.isHidden(i);
     String _ssid = WiFi.SSID(i);
-    _ssid.replace("\"", "\\\"");
     _ssid.toCharArray(names[i], 33);
     //data_getVendor(WiFi.BSSID(i)[0],WiFi.BSSID(i)[1],WiFi.BSSID(i)[2]).toCharArray(vendors[i],9);
     if (debug) {
@@ -136,6 +135,18 @@ int APScan::getFirstTarget() {
   return -1;
 }
 
+String APScan::sanitizeJson(String input){
+ input.replace("\\","\\\\");
+ input.replace("\"","\\\"");
+ input.replace("/","\\/");
+ input.replace("\b","\\b");
+ input.replace("\f","\\f");
+ input.replace("\n","\\n");
+ input.replace("\r","\\r");
+ input.replace("\t","\\t");
+ return input;
+}
+
 void APScan::sendResults() {
   if (debug) Serial.print("sending AP scan result JSON ");
 
@@ -158,7 +169,7 @@ void APScan::sendResults() {
     _size += 61;
     _size += String(i).length();
     _size += String(getAPChannel(i)).length();
-    _size += getAPName(i).length();
+    _size += sanitizeJson(getAPName(i)).length();
     _size += String(getAPRSSI(i)).length();
 
     if ((i != results - 1) && (i != maxAPScanResults - 1)) _size++; // ,
@@ -178,7 +189,7 @@ void APScan::sendResults() {
     json += "\"i\":" + (String)i + ",";
     json += "\"c\":" + (String)getAPChannel(i) + ",";
     json += "\"m\":\"" + getAPMac(i) + "\",";
-    json += "\"ss\":\"" + getAPName(i) + "\",";
+    json += "\"ss\":\"" + sanitizeJson(getAPName(i)) + "\",";
     json += "\"r\":" + (String)getAPRSSI(i) + ",";
     json += "\"e\":" + (String)encryption[i] + ",";
     //json += "\"v\":\""+getAPVendor(i)+"\",";
@@ -211,7 +222,7 @@ String APScan::getResultsJSON() {
     json += "\"i\":" + (String)i + ",";
     json += "\"c\":" + (String)getAPChannel(i) + ",";
     json += "\"m\":\"" + getAPMac(i) + "\",";
-    json += "\"ss\":\"" + getAPName(i) + "\",";
+    json += "\"ss\":\"" + sanitizeJson(getAPName(i)) + "\",";
     json += "\"r\":" + (String)getAPRSSI(i) + ",";
     json += "\"e\":" + (String)encryption[i] + ",";
     //json += "\"v\":\""+getAPVendor(i)+"\",";

esp8266_deauther/APScan.h

@@ -39,6 +39,8 @@ class APScan {
     int getFirstTarget();
     bool isSelected(int num);
 
+    String sanitizeJson(String input);
+
     int results = 0;
     int selectedSum;
     MacList aps;