]> Lady’s Gitweb - Gitweb/commit
Lady’s Gitweb / Gitweb / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 685bbf9)
gitweb: Fix displaying unchopped argument in chop_and_escape_str
authorJakub Narebski <redacted>
Sat, 16 Feb 2008 22:07:46 +0000 (23:07 +0100)
committerLady <redacted>
Mon, 6 Apr 2026 04:07:12 +0000 (00:07 -0400)
commitfb80fbe55d390ada4e110f039b13b9d5588a87eabe86e83158f715d7dcded093
tree1a1520a67b0be744b097ec51dd6faca3dbc547b292cf87679da37e079f227460tree | snapshot
parent685bbf99d6e992c52cac0972acf6061012e839908a57e67186eaf5491ac30d14commit | diff
gitweb: Fix displaying unchopped argument in chop_and_escape_str

Do not use esc_html to escape [title] _attribute_ of a HTML element,
and quote unprintable characters.  Replace unprintable characters by
'?' and use CGI method to generate HTML element and do the escaping.

This caused bug noticed by Martin Koegler,
  Message-ID: <redacted>
that for bad commit encoding in author name, the title attribute (here
to show full, not shortened name) had embedded HTML code in it, result
of quoting unprintable characters the gitweb/HTML way. This of course
broke the HTML, causing page being not displayed in XML validating web
browsers.

Signed-off-by: Jakub Narebski <redacted>
Signed-off-by: Junio C Hamano <redacted>
gitweb.perl diff | blob | history
🐙🌐 Git·web: A C·G·I script for rendering Git repositories
This page took 0.211855 seconds and 4 git commands to generate.