ui-shared: use html_url_path() to get properly escaped url in form action

When a repo uses an url with e.g. '#' or '?' characters this needs to be properly escaped when used as action in a form tag. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
author: Lars Hjemli <hjemli@gmail.com> 2008-10-05 17:25:47 (UTC)
committer: Lars Hjemli <hjemli@gmail.com> 2008-10-05 17:25:47 (UTC)
commit: 2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch) (unidiff)
tree: 6d7193cc2ce766ac3d350ba3f2ea20e546ec5344
parent: b7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff)
download: cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.zip
cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.gz
cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c
index f858ab6..1e12529 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -646,14 +646,14 @@ void cgit_print_pageheader(struct cgit_context *ctx)
                        reporevlink("about", "about", NULL,
                                    hc(cmd, "about"), ctx->qry.head, NULL,
                                    NULL);
                html("</td><td class='form'>");
                html("<form class='right' method='get' action='");
                if (ctx->cfg.virtual_root)
-                        html_attr(cgit_fileurl(ctx->qry.repo, "log",
+                        html_url_path(cgit_fileurl(ctx->qry.repo, "log",
-                                               ctx->qry.path, NULL));
+                                                   ctx->qry.path, NULL));
                html("'>\n");
                add_hidden_formfields(1, 0, "log");
                html("<select name='qt'>\n");
                html_option("grep", "log msg", ctx->qry.grep);
                html_option("author", "author", ctx->qry.grep);
                html_option("committer", "committer", ctx->qry.grep);
author	Lars Hjemli <hjemli@gmail.com>	2008-10-05 17:25:47 (UTC)
committer	Lars Hjemli <hjemli@gmail.com>	2008-10-05 17:25:47 (UTC)
commit	2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch) (unidiff)
tree	6d7193cc2ce766ac3d350ba3f2ea20e546ec5344
parent	b7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff)
download	cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.zip cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.gz cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.bz2

diff --git a/ui-shared.c b/ui-shared.c index f858ab6..1e12529 100644 --- a/ui-shared.c +++ b/ui-shared.c
@@ -646,14 +646,14 @@ void cgit_print_pageheader(struct cgit_context *ctx)
646	reporevlink("about", "about", NULL,	646	reporevlink("about", "about", NULL,
647	hc(cmd, "about"), ctx->qry.head, NULL,	647	hc(cmd, "about"), ctx->qry.head, NULL,
648	NULL);	648	NULL);
649	html("</td><td class='form'>");	649	html("</td><td class='form'>");
650	html("<form class='right' method='get' action='");	650	html("<form class='right' method='get' action='");
651	if (ctx->cfg.virtual_root)	651	if (ctx->cfg.virtual_root)
652	html_attr(cgit_fileurl(ctx->qry.repo, "log",	652	html_url_path(cgit_fileurl(ctx->qry.repo, "log",
653	ctx->qry.path, NULL));	653	ctx->qry.path, NULL));
654	html("'>\n");	654	html("'>\n");
655	add_hidden_formfields(1, 0, "log");	655	add_hidden_formfields(1, 0, "log");
656	html("<select name='qt'>\n");	656	html("<select name='qt'>\n");
657	html_option("grep", "log msg", ctx->qry.grep);	657	html_option("grep", "log msg", ctx->qry.grep);
658	html_option("author", "author", ctx->qry.grep);	658	html_option("author", "author", ctx->qry.grep);
659	html_option("committer", "committer", ctx->qry.grep);	659	html_option("committer", "committer", ctx->qry.grep);