Merge branch 'stable'

author: Lars Hjemli <hjemli@gmail.com> 2011-05-30 23:57:25 +0200
committer: Lars Hjemli <hjemli@gmail.com> 2011-05-30 23:57:25 +0200
commit: 52fbcf2ffac0025128cc1d50681a7ccd859ef3f0 (patch)
tree: 46ef06dfd6575e672dc4d5c92b522af7c3bf5f1c
parent: ui_repolist: get modtime from packed-refs as fallback (diff)
parent: Properly escape ampersands inside HTML attributes (diff)
download: cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.tar.gz
cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.tar.bz2
cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/html.c b/html.c
index 4a18a57..eb1c25d 100644
--- a/html.c
+++ b/html.c
@@ -138,7 +138,7 @@ void html_attr(const char *txt)
 	const char *t = txt;
 	while(t && *t){
 		int c = *t;
-		if (c=='<' || c=='>' || c=='\'' || c=='\"') {
+		if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') {
 			html_raw(txt, t - txt);
 			if (c=='>')
 				html("&gt;");
@@ -148,6 +148,8 @@ void html_attr(const char *txt)
 				html("&#x27;");
 			else if (c=='"')
 				html("&quot;");
+			else if (c=='&')
+				html("&amp;");
 			txt = t+1;
 		}
 		t++;
author	Lars Hjemli <hjemli@gmail.com>	2011-05-30 23:57:25 +0200
committer	Lars Hjemli <hjemli@gmail.com>	2011-05-30 23:57:25 +0200
commit	52fbcf2ffac0025128cc1d50681a7ccd859ef3f0 (patch)
tree	46ef06dfd6575e672dc4d5c92b522af7c3bf5f1c
parent	ui_repolist: get modtime from packed-refs as fallback (diff)
parent	Properly escape ampersands inside HTML attributes (diff)
download	cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.tar.gz cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.tar.bz2 cgit-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.zip