]> Lady’s Gitweb - Gitweb/blobdiff - gitweb.perl
Lady’s Gitweb / Gitweb / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
gitweb: Protect against possible warning in git_commitdiff
[Gitweb] / gitweb.perl
diff --git a/gitweb.perl b/gitweb.perl
index 5e61bd15c603814073c8080ed9d3ced0bd102422d806060d1154c93910bc00e3..aea8856a71c8990dbf2d1ada1cb93bf4deb8b836c2e6acd991a3ad103404c8ca 100755 (executable)
--- a/gitweb.perl
+++ b/gitweb.perl
@@ -577,11 +577,10 @@ sub esc_html ($;%) {
 
        $str = to_utf8($str);
        $str = escapeHTML($str);
 
        $str = to_utf8($str);
        $str = escapeHTML($str);
-       $str =~ s/\014/^L/g; # escape FORM FEED (FF) character (e.g. in COPYING file)
-       $str =~ s/\033/^[/g; # "escape" ESCAPE (\e) character (e.g. commit 20a3847d8a5032ce41f90dcc68abfb36e6fee9b1)
        if ($opts{'-nbsp'}) {
                $str =~ s/ / /g;
        }
        if ($opts{'-nbsp'}) {
                $str =~ s/ / /g;
        }
+       $str =~ s|([[:cntrl:]])|(($1 ne "\t") ? quot_cec($1) : $1)|eg;
        return $str;
 }
 
        return $str;
 }
 
@@ -816,12 +815,11 @@ sub file_type_long {
 ## functions returning short HTML fragments, or transforming HTML fragments
 ## which don't beling to other sections
 
 ## functions returning short HTML fragments, or transforming HTML fragments
 ## which don't beling to other sections
 
-# format line of commit message or tag comment
+# format line of commit message.
 sub format_log_line_html {
        my $line = shift;
 
 sub format_log_line_html {
        my $line = shift;
 
-       $line = esc_html($line);
-       $line =~ s/ / /g;
+       $line = esc_html($line, -nbsp=>1);
        if ($line =~ m/([0-9a-fA-F]{40})/) {
                my $hash_text = $1;
                if (git_get_type($hash_text) eq "commit") {
        if ($line =~ m/([0-9a-fA-F]{40})/) {
                my $hash_text = $1;
                if (git_get_type($hash_text) eq "commit") {
@@ -1880,17 +1878,17 @@ sub git_print_page_path {
                        $fullname .= ($fullname ? '/' : '') . $dir;
                        print $cgi->a({-href => href(action=>"tree", file_name=>$fullname,
                                                     hash_base=>$hb),
                        $fullname .= ($fullname ? '/' : '') . $dir;
                        print $cgi->a({-href => href(action=>"tree", file_name=>$fullname,
                                                     hash_base=>$hb),
-                                     -title => $fullname}, esc_path($dir));
+                                     -title => esc_html($fullname)}, esc_path($dir));
                        print " / ";
                }
                if (defined $type && $type eq 'blob') {
                        print $cgi->a({-href => href(action=>"blob_plain", file_name=>$file_name,
                                                     hash_base=>$hb),
                        print " / ";
                }
                if (defined $type && $type eq 'blob') {
                        print $cgi->a({-href => href(action=>"blob_plain", file_name=>$file_name,
                                                     hash_base=>$hb),
-                                     -title => $name}, esc_path($basename));
+                                     -title => esc_html($name)}, esc_path($basename));
                } elsif (defined $type && $type eq 'tree') {
                        print $cgi->a({-href => href(action=>"tree", file_name=>$file_name,
                                                     hash_base=>$hb),
                } elsif (defined $type && $type eq 'tree') {
                        print $cgi->a({-href => href(action=>"tree", file_name=>$file_name,
                                                     hash_base=>$hb),
-                                     -title => $name}, esc_path($basename));
+                                     -title => esc_html($name)}, esc_path($basename));
                        print " / ";
                } else {
                        print esc_path($basename);
                        print " / ";
                } else {
                        print esc_path($basename);
@@ -2013,7 +2011,7 @@ sub git_print_tree_entry {
 
 sub git_difftree_body {
        my ($difftree, $hash, $parent) = @_;
 
 sub git_difftree_body {
        my ($difftree, $hash, $parent) = @_;
-
+       my ($have_blame) = gitweb_check_feature('blame');
        print "<div class=\"list_head\">\n";
        if ($#{$difftree} > 10) {
                print(($#{$difftree} + 1) . " files changed:\n");
        print "<div class=\"list_head\">\n";
        if ($#{$difftree} > 10) {
                print(($#{$difftree} + 1) . " files changed:\n");
@@ -2086,9 +2084,13 @@ sub git_difftree_body {
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'from_id'},
                                                     hash_base=>$parent, file_name=>$diff{'file'})},
                                      "blob") . " | ";
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'from_id'},
                                                     hash_base=>$parent, file_name=>$diff{'file'})},
                                      "blob") . " | ";
-                       print $cgi->a({-href => href(action=>"blame", hash_base=>$parent,
-                                                    file_name=>$diff{'file'})},
-                                     "blame") . " | ";
+                       if ($have_blame) {
+                               print $cgi->a({-href =>
+                                                  href(action=>"blame",
+                                                       hash_base=>$parent,
+                                                       file_name=>$diff{'file'})},
+                                             "blame") . " | ";
+                       }
                        print $cgi->a({-href => href(action=>"history", hash_base=>$parent,
                                                     file_name=>$diff{'file'})},
                                      "history");
                        print $cgi->a({-href => href(action=>"history", hash_base=>$parent,
                                                     file_name=>$diff{'file'})},
                                      "history");
@@ -2134,9 +2136,12 @@ sub git_difftree_body {
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'to_id'},
                                                     hash_base=>$hash, file_name=>$diff{'file'})},
                                      "blob") . " | ";
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'to_id'},
                                                     hash_base=>$hash, file_name=>$diff{'file'})},
                                      "blob") . " | ";
-                       print $cgi->a({-href => href(action=>"blame", hash_base=>$hash,
-                                                    file_name=>$diff{'file'})},
-                                     "blame") . " | ";
+                       if ($have_blame) {
+                               print $cgi->a({-href => href(action=>"blame",
+                                                            hash_base=>$hash,
+                                                            file_name=>$diff{'file'})},
+                                             "blame") . " | ";
+                       }
                        print $cgi->a({-href => href(action=>"history", hash_base=>$hash,
                                                     file_name=>$diff{'file'})},
                                      "history");
                        print $cgi->a({-href => href(action=>"history", hash_base=>$hash,
                                                     file_name=>$diff{'file'})},
                                      "history");
@@ -2177,9 +2182,12 @@ sub git_difftree_body {
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'from_id'},
                                                     hash_base=>$parent, file_name=>$diff{'from_file'})},
                                      "blob") . " | ";
                        print $cgi->a({-href => href(action=>"blob", hash=>$diff{'from_id'},
                                                     hash_base=>$parent, file_name=>$diff{'from_file'})},
                                      "blob") . " | ";
-                       print $cgi->a({-href => href(action=>"blame", hash_base=>$parent,
-                                                    file_name=>$diff{'from_file'})},
-                                     "blame") . " | ";
+                       if ($have_blame) {
+                               print $cgi->a({-href => href(action=>"blame",
+                                                            hash_base=>$hash,
+                                                            file_name=>$diff{'to_file'})},
+                                             "blame") . " | ";
+                       }
                        print $cgi->a({-href => href(action=>"history", hash_base=>$parent,
                                                    file_name=>$diff{'from_file'})},
                                      "history");
                        print $cgi->a({-href => href(action=>"history", hash_base=>$parent,
                                                    file_name=>$diff{'from_file'})},
                                      "history");
@@ -2331,6 +2339,8 @@ sub git_patchset_body {
 
                print format_diff_line($patch_line);
        }
 
                print format_diff_line($patch_line);
        }
+       print "</div>\n" if $in_header; # extended header
+
        print "</div>\n" if $patch_found; # class="patch"
 
        print "</div>\n"; # class="patchset"
        print "</div>\n" if $patch_found; # class="patch"
 
        print "</div>\n"; # class="patchset"
@@ -2445,7 +2455,7 @@ sub git_project_list_body {
                      $pr->{'age_string'} . "</td>\n" .
                      "<td class=\"link\">" .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"summary")}, "summary")   . " | " .
                      $pr->{'age_string'} . "</td>\n" .
                      "<td class=\"link\">" .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"summary")}, "summary")   . " | " .
-                     $cgi->a({-href => '/git-browser/by-commit.html?r='.$pr->{'path'}}, "graphiclog") . " | " .
+                     $cgi->a({-href => href(project=>$pr->{'path'}, action=>"shortlog")}, "shortlog") . " | " .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"log")}, "log") . " | " .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"tree")}, "tree") .
                      ($pr->{'forks'} ? " | " . $cgi->a({-href => href(project=>$pr->{'path'}, action=>"forks")}, "forks") : '') .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"log")}, "log") . " | " .
                      $cgi->a({-href => href(project=>$pr->{'path'}, action=>"tree")}, "tree") .
                      ($pr->{'forks'} ? " | " . $cgi->a({-href => href(project=>$pr->{'path'}, action=>"forks")}, "forks") : '') .
@@ -2842,6 +2852,7 @@ sub git_tag {
        print "<div class=\"page_body\">";
        my $comment = $tag{'comment'};
        foreach my $line (@$comment) {
        print "<div class=\"page_body\">";
        my $comment = $tag{'comment'};
        foreach my $line (@$comment) {
+               chomp($line);
                print esc_html($line) . "<br/>\n";
        }
        print "</div>\n";
                print esc_html($line) . "<br/>\n";
        }
        print "</div>\n";
@@ -2911,6 +2922,7 @@ HTML
                        }
                }
                my $data = $_;
                        }
                }
                my $data = $_;
+               chomp($data);
                my $rev = substr($full_rev, 0, 8);
                my $author = $meta->{'author'};
                my %date = parse_date($meta->{'author-time'},
                my $rev = substr($full_rev, 0, 8);
                my $author = $meta->{'author'};
                my %date = parse_date($meta->{'author-time'},
@@ -3720,7 +3732,8 @@ sub git_commitdiff {
                        $hash_parent, $hash, "--"
                        or die_error(undef, "Open git-diff-tree failed");
 
                        $hash_parent, $hash, "--"
                        or die_error(undef, "Open git-diff-tree failed");
 
-               while (chomp(my $line = <$fd>)) {
+               while (my $line = <$fd>) {
+                       chomp $line;
                        # empty line ends raw part of diff-tree output
                        last unless $line;
                        push @difftree, $line;
                        # empty line ends raw part of diff-tree output
                        last unless $line;
                        push @difftree, $line;
🐙🌐 Git·web: A C·G·I script for rendering Git repositories
This page took 0.284096 seconds and 4 git commands to generate.