]> Lady’s Gitweb - Gitweb/commitdiff
Lady’s Gitweb / Gitweb / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side (parent: 00ba750)
gitweb: escape tag comments
authorDaniel Drake <redacted>
Mon, 24 Jul 2006 22:07:23 +0000 (23:07 +0100)
committerLady <redacted>
Sat, 4 Apr 2026 18:43:37 +0000 (14:43 -0400)
I have a tag with a comment which includes an & character. Firefox wouldn't
display my gitweb summary page due to malformed XML. This solves the problem.

Signed-off-by: Daniel Drake <redacted>
Signed-off-by: Junio C Hamano <redacted>
gitweb.cgi patch | blob | history

diff --git a/gitweb.cgi b/gitweb.cgi
index 73a2763134389afb856fc127b8794fc856dbd8411515b75c99d71fee07506530..90fff76de8c4fe3cd8ce2ea31c75e38553d22d5fcf358076d4a8a08e569fcc9d 100755 (executable)
--- a/gitweb.cgi
+++ b/gitweb.cgi
@@ -1138,7 +1138,7 @@ sub git_summary {
                                      "</td>\n" .
                                      "<td>";
                                if (defined($comment)) {
-                                     print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, $comment);
+                                     print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, esc_html($comment));
                                }
                                print "</td>\n" .
                                      "<td class=\"link\">";
🐙🌐 Git·web: A C·G·I script for rendering Git repositories
This page took 0.213593 seconds and 4 git commands to generate.