Merge branch 'lh/escape-urls'

* lh/escape-urls: ui-shared.c: use html_url_arg() html.c: add html_url_arg
author: Lars Hjemli <hjemli@gmail.com> 2008-10-05 11:13:33 (UTC)
committer: Lars Hjemli <hjemli@gmail.com> 2008-10-05 11:13:33 (UTC)
commit: 20c895f6889a66d7cf43c67a7c22df6ef324ed5d (patch) (side-by-side diff)
tree: 4fc0c044fa0919cab562b371191add67114d07a9
parent: 204669ff4a4028a82cc48e9319632595ba3ff703 (diff)
parent: b575115d9d93e45cdbcd5d066cc445d34639ae6a (diff)
download: cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.zip
cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.gz
cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.bz2
6 files changed, 53 insertions, 11 deletions
diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -125,12 +125,28 @@ void html_attr(char *txt)
 		t++;
 	}
 	if (t!=txt)
 		html(txt);
 }
 
+void html_url_arg(char *txt)
+{
+	char *t = txt;
+	while(t && *t){
+		int c = *t;
+		if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
+			write(htmlfd, txt, t - txt);
+			write(htmlfd, fmt("%%%2x", c), 3);
+			txt = t+1;
+		}
+		t++;
+	}
+	if (t!=txt)
+		html(txt);
+}
+
 void html_hidden(char *name, char *value)
 {
 	html("<input type='hidden' name='");
 	html_attr(name);
 	html("' value='");
 	html_attr(value);
diff --git a/html.h b/html.h
index 3c32935..038cf60 100644
--- a/html.h
+++ b/html.h
@@ -7,12 +7,13 @@ extern void html_raw(const char *txt, size_t size);
 extern void html(const char *txt);
 extern void htmlf(const char *format,...);
 extern void html_status(int code, const char *msg, int more_headers);
 extern void html_txt(char *txt);
 extern void html_ntxt(int len, char *txt);
 extern void html_attr(char *txt);
+extern void html_url_arg(char *txt);
 extern void html_hidden(char *name, char *value);
 extern void html_option(char *value, char *text, char *selected_value);
 extern void html_link_open(char *url, char *title, char *class);
 extern void html_link_close(void);
 extern void html_fileperm(unsigned short mode);
 extern int html_include(const char *filename);
diff --git a/tests/setup.sh b/tests/setup.sh
index e37306e..1457dd5 100755
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -28,21 +28,29 @@ mkrepo() {
 	for ((n=1; n<=count; n++))
 	do
 		echo $n >file-$n
 		git add file-$n
 		git commit -m "commit $n"
 	done
+	if test "$3" = "testplus"
+	then
+		echo "hello" >a+b
+		git add a+b
+		git commit -m "add a+b"
+		git branch "1+2"
+	fi
 	cd $dir
 }
 
 setup_repos()
 {
 	rm -rf trash/cache
 	mkdir -p trash/cache
 	mkrepo trash/repos/foo 5 >/dev/null
 	mkrepo trash/repos/bar 50 >/dev/null
+	mkrepo trash/repos/foo+bar 10 testplus >/dev/null
 	cat >trash/cgitrc <<EOF
 virtual-root=/
 cache-root=$PWD/trash/cache
 
 cache-size=1021
 snapshots=tar.gz tar.bz zip
@@ -58,12 +66,16 @@ repo.path=$PWD/trash/repos/foo/.git
 # the constant value "[no description]" (which actually used to cause a
 # segfault).
 
 repo.url=bar
 repo.path=$PWD/trash/repos/bar/.git
 repo.desc=the bar repo
+
+repo.url=foo+bar
+repo.path=$PWD/trash/repos/foo+bar/.git
+repo.desc=the foo+bar repo
 EOF
 }
 
 prepare_tests()
 {
 	setup_repos
@@ -110,7 +122,6 @@ cgit_query()
 }
 
 cgit_url()
 {
 	CGIT_CONFIG="$PWD/trash/cgitrc" QUERY_STRING="url=$1" "$PWD/../cgit"
 }
-
diff --git a/tests/t0101-index.sh b/tests/t0101-index.sh
index 445af6a..07e39f9 100755
--- a/tests/t0101-index.sh
+++ b/tests/t0101-index.sh
@@ -6,10 +6,12 @@ prepare_tests "Check content on index page"
 
 run_test 'generate index page' 'cgit_url "" >trash/tmp'
 run_test 'find foo repo' 'grep -e "foo" trash/tmp'
 run_test 'find foo description' 'grep -e "\[no description\]" trash/tmp'
 run_test 'find bar repo' 'grep -e "bar" trash/tmp'
 run_test 'find bar description' 'grep -e "the bar repo" trash/tmp'
+run_test 'find foo+bar repo' 'grep -e ">foo+bar<" trash/tmp'
+run_test 'verify foo+bar link' 'grep -e "/foo+bar/" trash/tmp'
 run_test 'no tree-link' '! grep -e "foo/tree" trash/tmp'
 run_test 'no log-link' '! grep -e "foo/log" trash/tmp'
 
 tests_done
diff --git a/tests/t0104-tree.sh b/tests/t0104-tree.sh
index 2516c72..0d62cc8 100755
--- a/tests/t0104-tree.sh
+++ b/tests/t0104-tree.sh
@@ -15,7 +15,19 @@ run_test 'find line 1' '
 '
 
 run_test 'no line 2' '
 	grep -e "<a id=.n2. name=.n2. href=.#n2.>2</a>" trash/tmp
 '
 
+run_test 'generate foo+bar/tree' 'cgit_url "foo%2bbar/tree" >trash/tmp'
+
+run_test 'verify a+b link' '
+	grep -e "/foo+bar/tree/a+b" trash/tmp
+'
+
+run_test 'generate foo+bar/tree?h=1+2' 'cgit_url "foo%2bbar/tree&h=1%2b2" >trash/tmp'
+
+run_test 'verify a+b?h=1+2 link' '
+	grep -e "/foo+bar/tree/a+b?h=1%2b2" trash/tmp
+'
+
 tests_done
diff --git a/ui-shared.c b/ui-shared.c
index c23bc75..a2f636c 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -218,27 +218,27 @@ static char *repolink(char *title, char *class, char *page, char *head,
 			if (path)
 				html_attr(path);
 		}
 	} else {
 		html(ctx.cfg.script_name);
 		html("?url=");
-		html_attr(ctx.repo->url);
+		html_url_arg(ctx.repo->url);
 		if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
 			html("/");
 		if (page) {
-			html(page);
+			html_url_arg(page);
 			html("/");
 			if (path)
-				html_attr(path);
+				html_url_arg(path);
 		}
 		delim = "&amp;";
 	}
 	if (head && strcmp(head, ctx.repo->defbranch)) {
 		html(delim);
 		html("h=");
-		html_attr(head);
+		html_url_arg(head);
 		delim = "&amp;";
 	}
 	return fmt("%s", delim);
 }
 
 static void reporevlink(char *page, char *name, char *title, char *class,
@@ -247,13 +247,13 @@ static void reporevlink(char *page, char *name, char *title, char *class,
 	char *delim;
 
 	delim = repolink(title, class, page, head, path);
 	if (rev && strcmp(rev, ctx.qry.head)) {
 		html(delim);
 		html("id=");
-		html_attr(rev);
+		html_url_arg(rev);
 	}
 	html("'>");
 	html_txt(name);
 	html("</a>");
 }
 
@@ -275,23 +275,23 @@ void cgit_log_link(char *name, char *title, char *class, char *head,
 	char *delim;
 
 	delim = repolink(title, class, "log", head, path);
 	if (rev && strcmp(rev, ctx.qry.head)) {
 		html(delim);
 		html("id=");
-		html_attr(rev);
+		html_url_arg(rev);
 		delim = "&";
 	}
 	if (grep && pattern) {
 		html(delim);
 		html("qt=");
-		html_attr(grep);
+		html_url_arg(grep);
 		delim = "&";
 		html(delim);
 		html("q=");
-		html_attr(pattern);
+		html_url_arg(pattern);
 	}
 	if (ofs > 0) {
 		html(delim);
 		html("ofs=");
 		htmlf("%d", ofs);
 	}
@@ -330,19 +330,19 @@ void cgit_diff_link(char *name, char *title, char *class, char *head,
 	char *delim;
 
 	delim = repolink(title, class, "diff", head, path);
 	if (new_rev && strcmp(new_rev, ctx.qry.head)) {
 		html(delim);
 		html("id=");
-		html_attr(new_rev);
+		html_url_arg(new_rev);
 		delim = "&amp;";
 	}
 	if (old_rev) {
 		html(delim);
 		html("id2=");
-		html_attr(old_rev);
+		html_url_arg(old_rev);
 	}
 	html("'>");
 	html_txt(name);
 	html("</a>");
 }
author	Lars Hjemli <hjemli@gmail.com>	2008-10-05 11:13:33 (UTC)
committer	Lars Hjemli <hjemli@gmail.com>	2008-10-05 11:13:33 (UTC)
commit	20c895f6889a66d7cf43c67a7c22df6ef324ed5d (patch) (side-by-side diff)
tree	4fc0c044fa0919cab562b371191add67114d07a9
parent	204669ff4a4028a82cc48e9319632595ba3ff703 (diff)
parent	b575115d9d93e45cdbcd5d066cc445d34639ae6a (diff)
download	cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.zip cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.gz cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.bz2