1. Stefan Saasen
  2. git


Daniel Drake  committed 143c89b

gitweb: escape tag comments

I have a tag with a comment which includes an & character. Firefox wouldn't
display my gitweb summary page due to malformed XML. This solves the problem.

Signed-off-by: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>

  • Participants
  • Parent commits 09f5dc4
  • Branches master

Comments (0)

Files changed (1)

File gitweb/gitweb.cgi

View file
  • Ignore whitespace
 				      "</td>\n" .
 				if (defined($comment)) {
-				      print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, $comment);
+				      print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, esc_html($comment));
 				print "</td>\n" .
 				      "<td class=\"link\">";