summaryrefslogtreecommitdiffabout
authorLars Hjemli <hjemli@gmail.com>2008-10-05 11:13:33 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2008-10-05 11:13:33 (UTC)
commit20c895f6889a66d7cf43c67a7c22df6ef324ed5d (patch) (unidiff)
tree4fc0c044fa0919cab562b371191add67114d07a9
parent204669ff4a4028a82cc48e9319632595ba3ff703 (diff)
parentb575115d9d93e45cdbcd5d066cc445d34639ae6a (diff)
downloadcgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.zip
cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.gz
cgit-20c895f6889a66d7cf43c67a7c22df6ef324ed5d.tar.bz2
Merge branch 'lh/escape-urls'
* lh/escape-urls: ui-shared.c: use html_url_arg() html.c: add html_url_arg
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--html.c16
-rw-r--r--html.h1
-rwxr-xr-xtests/setup.sh13
-rwxr-xr-xtests/t0101-index.sh2
-rwxr-xr-xtests/t0104-tree.sh12
-rw-r--r--ui-shared.c20
6 files changed, 53 insertions, 11 deletions
diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -128,6 +128,22 @@ void html_attr(char *txt)
128 html(txt); 128 html(txt);
129} 129}
130 130
131void html_url_arg(char *txt)
132{
133 char *t = txt;
134 while(t && *t){
135 int c = *t;
136 if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
137 write(htmlfd, txt, t - txt);
138 write(htmlfd, fmt("%%%2x", c), 3);
139 txt = t+1;
140 }
141 t++;
142 }
143 if (t!=txt)
144 html(txt);
145}
146
131void html_hidden(char *name, char *value) 147void html_hidden(char *name, char *value)
132{ 148{
133 html("<input type='hidden' name='"); 149 html("<input type='hidden' name='");
diff --git a/html.h b/html.h
index 3c32935..038cf60 100644
--- a/html.h
+++ b/html.h
@@ -10,6 +10,7 @@ extern void html_status(int code, const char *msg, int more_headers);
10extern void html_txt(char *txt); 10extern void html_txt(char *txt);
11extern void html_ntxt(int len, char *txt); 11extern void html_ntxt(int len, char *txt);
12extern void html_attr(char *txt); 12extern void html_attr(char *txt);
13extern void html_url_arg(char *txt);
13extern void html_hidden(char *name, char *value); 14extern void html_hidden(char *name, char *value);
14extern void html_option(char *value, char *text, char *selected_value); 15extern void html_option(char *value, char *text, char *selected_value);
15extern void html_link_open(char *url, char *title, char *class); 16extern void html_link_open(char *url, char *title, char *class);
diff --git a/tests/setup.sh b/tests/setup.sh
index e37306e..1457dd5 100755
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -31,6 +31,13 @@ mkrepo() {
31 git add file-$n 31 git add file-$n
32 git commit -m "commit $n" 32 git commit -m "commit $n"
33 done 33 done
34 if test "$3" = "testplus"
35 then
36 echo "hello" >a+b
37 git add a+b
38 git commit -m "add a+b"
39 git branch "1+2"
40 fi
34 cd $dir 41 cd $dir
35} 42}
36 43
@@ -40,6 +47,7 @@ setup_repos()
40 mkdir -p trash/cache 47 mkdir -p trash/cache
41 mkrepo trash/repos/foo 5 >/dev/null 48 mkrepo trash/repos/foo 5 >/dev/null
42 mkrepo trash/repos/bar 50 >/dev/null 49 mkrepo trash/repos/bar 50 >/dev/null
50 mkrepo trash/repos/foo+bar 10 testplus >/dev/null
43 cat >trash/cgitrc <<EOF 51 cat >trash/cgitrc <<EOF
44virtual-root=/ 52virtual-root=/
45cache-root=$PWD/trash/cache 53cache-root=$PWD/trash/cache
@@ -61,6 +69,10 @@ repo.path=$PWD/trash/repos/foo/.git
61repo.url=bar 69repo.url=bar
62repo.path=$PWD/trash/repos/bar/.git 70repo.path=$PWD/trash/repos/bar/.git
63repo.desc=the bar repo 71repo.desc=the bar repo
72
73repo.url=foo+bar
74repo.path=$PWD/trash/repos/foo+bar/.git
75repo.desc=the foo+bar repo
64EOF 76EOF
65} 77}
66 78
@@ -113,4 +125,3 @@ cgit_url()
113{ 125{
114 CGIT_CONFIG="$PWD/trash/cgitrc" QUERY_STRING="url=$1" "$PWD/../cgit" 126 CGIT_CONFIG="$PWD/trash/cgitrc" QUERY_STRING="url=$1" "$PWD/../cgit"
115} 127}
116
diff --git a/tests/t0101-index.sh b/tests/t0101-index.sh
index 445af6a..07e39f9 100755
--- a/tests/t0101-index.sh
+++ b/tests/t0101-index.sh
@@ -9,6 +9,8 @@ run_test 'find foo repo' 'grep -e "foo" trash/tmp'
9run_test 'find foo description' 'grep -e "\[no description\]" trash/tmp' 9run_test 'find foo description' 'grep -e "\[no description\]" trash/tmp'
10run_test 'find bar repo' 'grep -e "bar" trash/tmp' 10run_test 'find bar repo' 'grep -e "bar" trash/tmp'
11run_test 'find bar description' 'grep -e "the bar repo" trash/tmp' 11run_test 'find bar description' 'grep -e "the bar repo" trash/tmp'
12run_test 'find foo+bar repo' 'grep -e ">foo+bar<" trash/tmp'
13run_test 'verify foo+bar link' 'grep -e "/foo+bar/" trash/tmp'
12run_test 'no tree-link' '! grep -e "foo/tree" trash/tmp' 14run_test 'no tree-link' '! grep -e "foo/tree" trash/tmp'
13run_test 'no log-link' '! grep -e "foo/log" trash/tmp' 15run_test 'no log-link' '! grep -e "foo/log" trash/tmp'
14 16
diff --git a/tests/t0104-tree.sh b/tests/t0104-tree.sh
index 2516c72..0d62cc8 100755
--- a/tests/t0104-tree.sh
+++ b/tests/t0104-tree.sh
@@ -18,4 +18,16 @@ run_test 'no line 2' '
18 grep -e "<a id=.n2. name=.n2. href=.#n2.>2</a>" trash/tmp 18 grep -e "<a id=.n2. name=.n2. href=.#n2.>2</a>" trash/tmp
19' 19'
20 20
21run_test 'generate foo+bar/tree' 'cgit_url "foo%2bbar/tree" >trash/tmp'
22
23run_test 'verify a+b link' '
24 grep -e "/foo+bar/tree/a+b" trash/tmp
25'
26
27run_test 'generate foo+bar/tree?h=1+2' 'cgit_url "foo%2bbar/tree&h=1%2b2" >trash/tmp'
28
29run_test 'verify a+b?h=1+2 link' '
30 grep -e "/foo+bar/tree/a+b?h=1%2b2" trash/tmp
31'
32
21tests_done 33tests_done
diff --git a/ui-shared.c b/ui-shared.c
index c23bc75..a2f636c 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -221,21 +221,21 @@ static char *repolink(char *title, char *class, char *page, char *head,
221 } else { 221 } else {
222 html(ctx.cfg.script_name); 222 html(ctx.cfg.script_name);
223 html("?url="); 223 html("?url=");
224 html_attr(ctx.repo->url); 224 html_url_arg(ctx.repo->url);
225 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/') 225 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')
226 html("/"); 226 html("/");
227 if (page) { 227 if (page) {
228 html(page); 228 html_url_arg(page);
229 html("/"); 229 html("/");
230 if (path) 230 if (path)
231 html_attr(path); 231 html_url_arg(path);
232 } 232 }
233 delim = "&amp;"; 233 delim = "&amp;";
234 } 234 }
235 if (head && strcmp(head, ctx.repo->defbranch)) { 235 if (head && strcmp(head, ctx.repo->defbranch)) {
236 html(delim); 236 html(delim);
237 html("h="); 237 html("h=");
238 html_attr(head); 238 html_url_arg(head);
239 delim = "&amp;"; 239 delim = "&amp;";
240 } 240 }
241 return fmt("%s", delim); 241 return fmt("%s", delim);
@@ -250,7 +250,7 @@ static void reporevlink(char *page, char *name, char *title, char *class,
250 if (rev && strcmp(rev, ctx.qry.head)) { 250 if (rev && strcmp(rev, ctx.qry.head)) {
251 html(delim); 251 html(delim);
252 html("id="); 252 html("id=");
253 html_attr(rev); 253 html_url_arg(rev);
254 } 254 }
255 html("'>"); 255 html("'>");
256 html_txt(name); 256 html_txt(name);
@@ -278,17 +278,17 @@ void cgit_log_link(char *name, char *title, char *class, char *head,
278 if (rev && strcmp(rev, ctx.qry.head)) { 278 if (rev && strcmp(rev, ctx.qry.head)) {
279 html(delim); 279 html(delim);
280 html("id="); 280 html("id=");
281 html_attr(rev); 281 html_url_arg(rev);
282 delim = "&"; 282 delim = "&";
283 } 283 }
284 if (grep && pattern) { 284 if (grep && pattern) {
285 html(delim); 285 html(delim);
286 html("qt="); 286 html("qt=");
287 html_attr(grep); 287 html_url_arg(grep);
288 delim = "&"; 288 delim = "&";
289 html(delim); 289 html(delim);
290 html("q="); 290 html("q=");
291 html_attr(pattern); 291 html_url_arg(pattern);
292 } 292 }
293 if (ofs > 0) { 293 if (ofs > 0) {
294 html(delim); 294 html(delim);
@@ -333,13 +333,13 @@ void cgit_diff_link(char *name, char *title, char *class, char *head,
333 if (new_rev && strcmp(new_rev, ctx.qry.head)) { 333 if (new_rev && strcmp(new_rev, ctx.qry.head)) {
334 html(delim); 334 html(delim);
335 html("id="); 335 html("id=");
336 html_attr(new_rev); 336 html_url_arg(new_rev);
337 delim = "&amp;"; 337 delim = "&amp;";
338 } 338 }
339 if (old_rev) { 339 if (old_rev) {
340 html(delim); 340 html(delim);
341 html("id2="); 341 html("id2=");
342 html_attr(old_rev); 342 html_url_arg(old_rev);
343 } 343 }
344 html("'>"); 344 html("'>");
345 html_txt(name); 345 html_txt(name);