| author | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 11:13:33 (UTC) |
|---|---|---|
| committer | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 11:13:33 (UTC) |
| commit | 20c895f6889a66d7cf43c67a7c22df6ef324ed5d (patch) (side-by-side diff) | |
| tree | 4fc0c044fa0919cab562b371191add67114d07a9 | |
| parent | 204669ff4a4028a82cc48e9319632595ba3ff703 (diff) | |
| parent | b575115d9d93e45cdbcd5d066cc445d34639ae6a (diff) | |
| download | cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.zip cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.gz cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.bz2 | |
Merge branch 'lh/escape-urls'
* lh/escape-urls:
ui-shared.c: use html_url_arg()
html.c: add html_url_arg
| -rw-r--r-- | html.c | 16 | ||||
| -rw-r--r-- | html.h | 1 | ||||
| -rwxr-xr-x | tests/setup.sh | 13 | ||||
| -rwxr-xr-x | tests/t0101-index.sh | 2 | ||||
| -rwxr-xr-x | tests/t0104-tree.sh | 12 | ||||
| -rw-r--r-- | ui-shared.c | 20 |
6 files changed, 53 insertions, 11 deletions
@@ -123,16 +123,32 @@ void html_attr(char *txt) txt = t+1; } t++; } if (t!=txt) html(txt); } +void html_url_arg(char *txt) +{ + char *t = txt; + while(t && *t){ + int c = *t; + if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') { + write(htmlfd, txt, t - txt); + write(htmlfd, fmt("%%%2x", c), 3); + txt = t+1; + } + t++; + } + if (t!=txt) + html(txt); +} + void html_hidden(char *name, char *value) { html("<input type='hidden' name='"); html_attr(name); html("' value='"); html_attr(value); html("'/>"); } @@ -5,16 +5,17 @@ extern int htmlfd; extern void html_raw(const char *txt, size_t size); extern void html(const char *txt); extern void htmlf(const char *format,...); extern void html_status(int code, const char *msg, int more_headers); extern void html_txt(char *txt); extern void html_ntxt(int len, char *txt); extern void html_attr(char *txt); +extern void html_url_arg(char *txt); extern void html_hidden(char *name, char *value); extern void html_option(char *value, char *text, char *selected_value); extern void html_link_open(char *url, char *title, char *class); extern void html_link_close(void); extern void html_fileperm(unsigned short mode); extern int html_include(const char *filename); extern int http_parse_querystring(char *txt, void (*fn)(const char *name, const char *value)); diff --git a/tests/setup.sh b/tests/setup.sh index e37306e..1457dd5 100755 --- a/tests/setup.sh +++ b/tests/setup.sh @@ -26,25 +26,33 @@ mkrepo() { cd $name git init for ((n=1; n<=count; n++)) do echo $n >file-$n git add file-$n git commit -m "commit $n" done + if test "$3" = "testplus" + then + echo "hello" >a+b + git add a+b + git commit -m "add a+b" + git branch "1+2" + fi cd $dir } setup_repos() { rm -rf trash/cache mkdir -p trash/cache mkrepo trash/repos/foo 5 >/dev/null mkrepo trash/repos/bar 50 >/dev/null + mkrepo trash/repos/foo+bar 10 testplus >/dev/null cat >trash/cgitrc <<EOF virtual-root=/ cache-root=$PWD/trash/cache cache-size=1021 snapshots=tar.gz tar.bz zip enable-log-filecount=1 enable-log-linecount=1 @@ -56,16 +64,20 @@ repo.url=foo repo.path=$PWD/trash/repos/foo/.git # Do not specify a description for this repo, as it then will be assigned # the constant value "[no description]" (which actually used to cause a # segfault). repo.url=bar repo.path=$PWD/trash/repos/bar/.git repo.desc=the bar repo + +repo.url=foo+bar +repo.path=$PWD/trash/repos/foo+bar/.git +repo.desc=the foo+bar repo EOF } prepare_tests() { setup_repos rm -f test-output.log 2>/dev/null test_count=0 @@ -108,9 +120,8 @@ cgit_query() { CGIT_CONFIG="$PWD/trash/cgitrc" QUERY_STRING="$1" "$PWD/../cgit" } cgit_url() { CGIT_CONFIG="$PWD/trash/cgitrc" QUERY_STRING="url=$1" "$PWD/../cgit" } - diff --git a/tests/t0101-index.sh b/tests/t0101-index.sh index 445af6a..07e39f9 100755 --- a/tests/t0101-index.sh +++ b/tests/t0101-index.sh @@ -4,12 +4,14 @@ prepare_tests "Check content on index page" run_test 'generate index page' 'cgit_url "" >trash/tmp' run_test 'find foo repo' 'grep -e "foo" trash/tmp' run_test 'find foo description' 'grep -e "\[no description\]" trash/tmp' run_test 'find bar repo' 'grep -e "bar" trash/tmp' run_test 'find bar description' 'grep -e "the bar repo" trash/tmp' +run_test 'find foo+bar repo' 'grep -e ">foo+bar<" trash/tmp' +run_test 'verify foo+bar link' 'grep -e "/foo+bar/" trash/tmp' run_test 'no tree-link' '! grep -e "foo/tree" trash/tmp' run_test 'no log-link' '! grep -e "foo/log" trash/tmp' tests_done diff --git a/tests/t0104-tree.sh b/tests/t0104-tree.sh index 2516c72..0d62cc8 100755 --- a/tests/t0104-tree.sh +++ b/tests/t0104-tree.sh @@ -13,9 +13,21 @@ run_test 'generate bar/tree/file-50' 'cgit_url "bar/tree/file-50" >trash/tmp' run_test 'find line 1' ' grep -e "<a id=.n1. name=.n1. href=.#n1.>1</a>" trash/tmp ' run_test 'no line 2' ' grep -e "<a id=.n2. name=.n2. href=.#n2.>2</a>" trash/tmp ' +run_test 'generate foo+bar/tree' 'cgit_url "foo%2bbar/tree" >trash/tmp' + +run_test 'verify a+b link' ' + grep -e "/foo+bar/tree/a+b" trash/tmp +' + +run_test 'generate foo+bar/tree?h=1+2' 'cgit_url "foo%2bbar/tree&h=1%2b2" >trash/tmp' + +run_test 'verify a+b?h=1+2 link' ' + grep -e "/foo+bar/tree/a+b?h=1%2b2" trash/tmp +' + tests_done diff --git a/ui-shared.c b/ui-shared.c index c23bc75..a2f636c 100644 --- a/ui-shared.c +++ b/ui-shared.c @@ -216,46 +216,46 @@ static char *repolink(char *title, char *class, char *page, char *head, html(page); html("/"); if (path) html_attr(path); } } else { html(ctx.cfg.script_name); html("?url="); - html_attr(ctx.repo->url); + html_url_arg(ctx.repo->url); if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/') html("/"); if (page) { - html(page); + html_url_arg(page); html("/"); if (path) - html_attr(path); + html_url_arg(path); } delim = "&"; } if (head && strcmp(head, ctx.repo->defbranch)) { html(delim); html("h="); - html_attr(head); + html_url_arg(head); delim = "&"; } return fmt("%s", delim); } static void reporevlink(char *page, char *name, char *title, char *class, char *head, char *rev, char *path) { char *delim; delim = repolink(title, class, page, head, path); if (rev && strcmp(rev, ctx.qry.head)) { html(delim); html("id="); - html_attr(rev); + html_url_arg(rev); } html("'>"); html_txt(name); html("</a>"); } void cgit_tree_link(char *name, char *title, char *class, char *head, char *rev, char *path) @@ -273,27 +273,27 @@ void cgit_log_link(char *name, char *title, char *class, char *head, char *rev, char *path, int ofs, char *grep, char *pattern) { char *delim; delim = repolink(title, class, "log", head, path); if (rev && strcmp(rev, ctx.qry.head)) { html(delim); html("id="); - html_attr(rev); + html_url_arg(rev); delim = "&"; } if (grep && pattern) { html(delim); html("qt="); - html_attr(grep); + html_url_arg(grep); delim = "&"; html(delim); html("q="); - html_attr(pattern); + html_url_arg(pattern); } if (ofs > 0) { html(delim); html("ofs="); htmlf("%d", ofs); } html("'>"); html_txt(name); @@ -328,23 +328,23 @@ void cgit_diff_link(char *name, char *title, char *class, char *head, char *new_rev, char *old_rev, char *path) { char *delim; delim = repolink(title, class, "diff", head, path); if (new_rev && strcmp(new_rev, ctx.qry.head)) { html(delim); html("id="); - html_attr(new_rev); + html_url_arg(new_rev); delim = "&"; } if (old_rev) { html(delim); html("id2="); - html_attr(old_rev); + html_url_arg(old_rev); } html("'>"); html_txt(name); html("</a>"); } void cgit_patch_link(char *name, char *title, char *class, char *head, char *rev) |