From: Daniel Drake <redacted>
Date: Mon, 24 Jul 2006 22:07:23 +0000 (+0100)
Subject: gitweb: escape tag comments
X-Git-Url: https://git.ladys.computer/Gitweb/commitdiff_plain/a04057b5928f7b73d2b81a102fa6696e3356a30772c3300f02f636474ff75817

gitweb: escape tag comments

I have a tag with a comment which includes an & character. Firefox wouldn't
display my gitweb summary page due to malformed XML. This solves the problem.

Signed-off-by: Daniel Drake <redacted>
Signed-off-by: Junio C Hamano <redacted>
---

diff --git a/gitweb.cgi b/gitweb.cgi
index 73a2763..90fff76 100755
--- a/gitweb.cgi
+++ b/gitweb.cgi
@@ -1138,7 +1138,7 @@ sub git_summary {
 				      "</td>\n" .
 				      "<td>";
 				if (defined($comment)) {
-				      print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, $comment);
+				      print $cgi->a({-class => "list", -href => "$my_uri?" . esc_param("p=$project;a=tag;h=$tag{'id'}")}, esc_html($comment));
 				}
 				print "</td>\n" .
 				      "<td class=\"link\">";