ui-shared.c: use html_url_path() in repolink()

This makes sure that reponames and paths are properly escaped when used as urls. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
author: Lars Hjemli <hjemli@gmail.com> 2008-10-05 14:54:44 (UTC)
committer: Lars Hjemli <hjemli@gmail.com> 2008-10-05 14:54:44 (UTC)
commit: 44b208aa44c4cdf7e1e339bbd5b028c23da55a46 (patch) (unidiff)
tree: 74ead4787c7c7507845bfd8504691f07384d1604
parent: 22a597e56dc7fdea78ccbcb7466b45dd62cf7b32 (diff)
download: cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.zip
cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.tar.gz
cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.tar.bz2
1 files changed, 4 insertions, 4 deletions
diff --git a/ui-shared.c b/ui-shared.c
index a2f636c..2eddd2d 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -177,75 +177,75 @@ static void site_link(char *page, char *name, char *title, char *class,
        }
        html(" href='");
        site_url(page, search, ofs);
        html("'>");
        html_txt(name);
        html("</a>");
 }
 void cgit_index_link(char *name, char *title, char *class, char *pattern,
                     int ofs)
 {
        site_link(NULL, name, title, class, pattern, ofs);
 }
 static char *repolink(char *title, char *class, char *page, char *head,
                      char *path)
 {
        char *delim = "?";
        html("<a");
        if (title) {
                html(" title='");
                html_attr(title);
                html("'");
        }
        if (class) {
                html(" class='");
                html_attr(class);
                html("'");
        }
        html(" href='");
        if (ctx.cfg.virtual_root) {
-                html_attr(ctx.cfg.virtual_root);
+                html_url_path(ctx.cfg.virtual_root);
                if (ctx.cfg.virtual_root[strlen(ctx.cfg.virtual_root) - 1] != '/')
                        html("/");
-                html_attr(ctx.repo->url);
+                html_url_path(ctx.repo->url);
                if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
                        html("/");
                if (page) {
-                        html(page);
+                        html_url_path(page);
                        html("/");
                        if (path)
-                                html_attr(path);
+                                html_url_path(path);
                }
        } else {
                html(ctx.cfg.script_name);
                html("?url=");
                html_url_arg(ctx.repo->url);
                if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
                        html("/");
                if (page) {
                        html_url_arg(page);
                        html("/");
                        if (path)
                                html_url_arg(path);
                }
                delim = "&amp;";
        }
        if (head && strcmp(head, ctx.repo->defbranch)) {
                html(delim);
                html("h=");
                html_url_arg(head);
                delim = "&amp;";
        }
        return fmt("%s", delim);
 }
 static void reporevlink(char *page, char *name, char *title, char *class,
                        char *head, char *rev, char *path)
 {
        char *delim;
        delim = repolink(title, class, page, head, path);
        if (rev && strcmp(rev, ctx.qry.head)) {
                html(delim);
author	Lars Hjemli <hjemli@gmail.com>	2008-10-05 14:54:44 (UTC)
committer	Lars Hjemli <hjemli@gmail.com>	2008-10-05 14:54:44 (UTC)
commit	44b208aa44c4cdf7e1e339bbd5b028c23da55a46 (patch) (unidiff)
tree	74ead4787c7c7507845bfd8504691f07384d1604
parent	22a597e56dc7fdea78ccbcb7466b45dd62cf7b32 (diff)
download	cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.zip cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.tar.gz cgit-44b208aa44c4cdf7e1e339bbd5b028c23da55a46.tar.bz2

diff --git a/ui-shared.c b/ui-shared.c index a2f636c..2eddd2d 100644 --- a/ui-shared.c +++ b/ui-shared.c
@@ -177,75 +177,75 @@ static void site_link(char page, char name, char title, char class,
177	}	177	}
178	html(" href='");	178	html(" href='");
179	site_url(page, search, ofs);	179	site_url(page, search, ofs);
180	html("'>");	180	html("'>");
181	html_txt(name);	181	html_txt(name);
182	html("</a>");	182	html("</a>");
183	}	183	}
184		184
185	void cgit_index_link(char name, char title, char class, char pattern,	185	void cgit_index_link(char name, char title, char class, char pattern,
186	int ofs)	186	int ofs)
187	{	187	{
188	site_link(NULL, name, title, class, pattern, ofs);	188	site_link(NULL, name, title, class, pattern, ofs);
189	}	189	}
190		190
191	static char repolink(char title, char class, char page, char *head,	191	static char repolink(char title, char class, char page, char *head,
192	char *path)	192	char *path)
193	{	193	{
194	char *delim = "?";	194	char *delim = "?";
195		195
196	html("<a");	196	html("<a");
197	if (title) {	197	if (title) {
198	html(" title='");	198	html(" title='");
199	html_attr(title);	199	html_attr(title);
200	html("'");	200	html("'");
201	}	201	}
202	if (class) {	202	if (class) {
203	html(" class='");	203	html(" class='");
204	html_attr(class);	204	html_attr(class);
205	html("'");	205	html("'");
206	}	206	}
207	html(" href='");	207	html(" href='");
208	if (ctx.cfg.virtual_root) {	208	if (ctx.cfg.virtual_root) {
209	html_attr(ctx.cfg.virtual_root);	209	html_url_path(ctx.cfg.virtual_root);
210	if (ctx.cfg.virtual_root[strlen(ctx.cfg.virtual_root) - 1] != '/')	210	if (ctx.cfg.virtual_root[strlen(ctx.cfg.virtual_root) - 1] != '/')
211	html("/");	211	html("/");
212	html_attr(ctx.repo->url);	212	html_url_path(ctx.repo->url);
213	if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')	213	if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
214	html("/");	214	html("/");
215	if (page) {	215	if (page) {
216	html(page);	216	html_url_path(page);
217	html("/");	217	html("/");
218	if (path)	218	if (path)
219	html_attr(path);	219	html_url_path(path);
220	}	220	}
221	} else {	221	} else {
222	html(ctx.cfg.script_name);	222	html(ctx.cfg.script_name);
223	html("?url=");	223	html("?url=");
224	html_url_arg(ctx.repo->url);	224	html_url_arg(ctx.repo->url);
225	if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')	225	if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
226	html("/");	226	html("/");
227	if (page) {	227	if (page) {
228	html_url_arg(page);	228	html_url_arg(page);
229	html("/");	229	html("/");
230	if (path)	230	if (path)
231	html_url_arg(path);	231	html_url_arg(path);
232	}	232	}
233	delim = "&";	233	delim = "&";
234	}	234	}
235	if (head && strcmp(head, ctx.repo->defbranch)) {	235	if (head && strcmp(head, ctx.repo->defbranch)) {
236	html(delim);	236	html(delim);
237	html("h=");	237	html("h=");
238	html_url_arg(head);	238	html_url_arg(head);
239	delim = "&";	239	delim = "&";
240	}	240	}
241	return fmt("%s", delim);	241	return fmt("%s", delim);
242	}	242	}
243		243
244	static void reporevlink(char page, char name, char title, char class,	244	static void reporevlink(char page, char name, char title, char class,
245	char head, char rev, char *path)	245	char head, char rev, char *path)
246	{	246	{
247	char *delim;	247	char *delim;
248		248
249	delim = repolink(title, class, page, head, path);	249	delim = repolink(title, class, page, head, path);
250	if (rev && strcmp(rev, ctx.qry.head)) {	250	if (rev && strcmp(rev, ctx.qry.head)) {
251	html(delim);	251	html(delim);