katolaz
/
cgit-70
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ui-repolist: HTML-escape cgit_rooturl() response

Browse Source 
This is for consistency with other callers.  The value returned from
cgit_rooturl is not guaranteed to be HTML-safe.

Signed-off-by: John Keeping <john@keeping.me.uk>
upstream
John Keeping 11 years ago committed by Jason A. Donenfeld
parent a45030f8ee
commit 1de6591159
1 changed files with 3 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      ui-repolist.c

4
ui-repolist.c
Unescape View File

@ -106,7 +106,9 @@ static int is_in_url(struct cgit_repo *repo)
static void print_sort_header(const char *title, const char *sort)
{
htmlf("<th class='left'><a href='%s?s=%s", cgit_rooturl(), sort);
html("<th class='left'><a href='");
html_attr(cgit_rooturl());
htmlf("?s=%s", sort);
if (ctx.qry.search) {
html("&amp;q=");
html_url_arg(ctx.qry.search);

Write Preview
Loading…
Cancel
Save