author | Lukas Fleischer <cgit@cryptocrack.de> | 2011-05-24 18:38:40 (UTC) |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2011-05-30 21:55:19 (UTC) |
commit | 69382320d96232ee8c73e664797da61e733c2427 (patch) (side-by-side diff) | |
tree | 7f1d53505859cc6e15b261249a22d1604b3cd037 | |
parent | ec79265f2053e6dc20e0ec486719f5954d2be83d (diff) | |
download | cgit-69382320d96232ee8c73e664797da61e733c2427.zip cgit-69382320d96232ee8c73e664797da61e733c2427.tar.gz cgit-69382320d96232ee8c73e664797da61e733c2427.tar.bz2 |
Properly escape ampersands inside HTML attributes
Ampersands ("&") appearing inside HTML attributes need to be translated
to "&". Otherwise, invalid XHTML will be generated at various
places, such as at tree views containing links to submodules.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | html.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -135,22 +135,24 @@ void html_ntxt(int len, const char *txt) void html_attr(const char *txt) { const char *t = txt; while(t && *t){ int c = *t; - if (c=='<' || c=='>' || c=='\'' || c=='\"') { + if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') { html_raw(txt, t - txt); if (c=='>') html(">"); else if (c=='<') html("<"); else if (c=='\'') html("'"); else if (c=='"') html("""); + else if (c=='&') + html("&"); txt = t+1; } t++; } if (t!=txt) html(txt); |