]> Lady’s Gitweb - Gitweb/blobdiff - gitweb.perl
Lady’s Gitweb / Gitweb / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
gitweb: Don't escape attributes in CGI.pm HTML methods
[Gitweb] / gitweb.perl
diff --git a/gitweb.perl b/gitweb.perl
index 1d15eeedb2a6f37afd7893e06b502f33d67cecb1edf5b4c45c6667cd17cd4994..87a1378ea243d224c05feb4d98a7b54a27cd009865c3915a7da85de35144dc27 100755 (executable)
--- a/gitweb.perl
+++ b/gitweb.perl
@@ -592,7 +592,7 @@ sub esc_html ($;%) {
        my %opts = @_;
 
        $str = to_utf8($str);
-       $str = escapeHTML($str);
+       $str = $cgi->escapeHTML($str);
        if ($opts{'-nbsp'}) {
                $str =~ s/ / /g;
        }
@@ -606,7 +606,7 @@ sub esc_path {
        my %opts = @_;
 
        $str = to_utf8($str);
-       $str = escapeHTML($str);
+       $str = $cgi->escapeHTML($str);
        if ($opts{'-nbsp'}) {
                $str =~ s/ / /g;
        }
@@ -1975,17 +1975,17 @@ sub git_print_page_path {
                        $fullname .= ($fullname ? '/' : '') . $dir;
                        print $cgi->a({-href => href(action=>"tree", file_name=>$fullname,
                                                     hash_base=>$hb),
-                                     -title => esc_html($fullname)}, esc_path($dir));
+                                     -title => $fullname}, esc_path($dir));
                        print " / ";
                }
                if (defined $type && $type eq 'blob') {
                        print $cgi->a({-href => href(action=>"blob_plain", file_name=>$file_name,
                                                     hash_base=>$hb),
-                                     -title => esc_html($name)}, esc_path($basename));
+                                     -title => $name}, esc_path($basename));
                } elsif (defined $type && $type eq 'tree') {
                        print $cgi->a({-href => href(action=>"tree", file_name=>$file_name,
                                                     hash_base=>$hb),
-                                     -title => esc_html($name)}, esc_path($basename));
+                                     -title => $name}, esc_path($basename));
                        print " / ";
                } else {
                        print esc_path($basename);
@@ -3720,7 +3720,7 @@ sub git_commit {
                $formats_nav .=
                        '(merge: ' .
                        join(' ', map {
-                               $cgi->a({-href => href(action=>"commitdiff",
+                               $cgi->a({-href => href(action=>"commit",
                                                       hash=>$_)},
                                        esc_html(substr($_, 0, 7)));
                        } @$parents ) .
🐙🌐 Git·web: A C·G·I script for rendering Git repositories
This page took 0.300461 seconds and 4 git commands to generate.