diff options
| author | Junio C Hamano <gitster@pobox.com> | 2016-08-10 20:55:30 +0200 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2016-08-10 20:55:30 +0200 |
| commit | 1dc4aa67d615afa1f3fc0b19a873a68ba6ab3da8 (patch) | |
| tree | bc3d1f02b40f38eb8c01d788013a5fd9bdc4f256 | |
| parent | Merge branch 'js/t4130-rename-without-ino' into maint (diff) | |
| parent | gitweb: escape link body in format_ref_marker (diff) | |
| download | git-1dc4aa67d615afa1f3fc0b19a873a68ba6ab3da8.tar.xz git-1dc4aa67d615afa1f3fc0b19a873a68ba6ab3da8.zip | |
Merge branch 'ab/gitweb-link-html-escape' into maint
The characters in the label shown for tags/refs for commits in
"gitweb" output are now properly escaped for proper HTML output.
* ab/gitweb-link-html-escape:
gitweb: escape link body in format_ref_marker
| -rwxr-xr-x | gitweb/gitweb.perl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 2fddf750fa..33d701d852 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -2090,7 +2090,7 @@ sub format_ref_marker { -href => href( action=>$dest_action, hash=>$dest - )}, $name); + )}, esc_html($name)); $markers .= " <span class=\"".esc_attr($class)."\" title=\"".esc_attr($ref)."\">" . $link . "</span>"; |