author | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 17:25:47 (UTC) |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 17:25:47 (UTC) |
commit | 2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch) (side-by-side diff) | |
tree | 6d7193cc2ce766ac3d350ba3f2ea20e546ec5344 | |
parent | b7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff) | |
download | cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.zip cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.gz cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.bz2 |
ui-shared: use html_url_path() to get properly escaped url in form action
When a repo uses an url with e.g. '#' or '?' characters this needs to be
properly escaped when used as action in a form tag.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | ui-shared.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c index f858ab6..1e12529 100644 --- a/ui-shared.c +++ b/ui-shared.c @@ -648,10 +648,10 @@ void cgit_print_pageheader(struct cgit_context *ctx) NULL); html("</td><td class='form'>"); html("<form class='right' method='get' action='"); if (ctx->cfg.virtual_root) - html_attr(cgit_fileurl(ctx->qry.repo, "log", - ctx->qry.path, NULL)); + html_url_path(cgit_fileurl(ctx->qry.repo, "log", + ctx->qry.path, NULL)); html("'>\n"); add_hidden_formfields(1, 0, "log"); html("<select name='qt'>\n"); html_option("grep", "log msg", ctx->qry.grep); |