summaryrefslogtreecommitdiffabout
path: root/ui-shared.c
authorLars Hjemli <hjemli@gmail.com>2008-10-05 17:25:47 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2008-10-05 17:25:47 (UTC)
commit2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch) (unidiff)
tree6d7193cc2ce766ac3d350ba3f2ea20e546ec5344 /ui-shared.c
parentb7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff)
downloadcgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.zip
cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.gz
cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.bz2
ui-shared: use html_url_path() to get properly escaped url in form action
When a repo uses an url with e.g. '#' or '?' characters this needs to be properly escaped when used as action in a form tag. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'ui-shared.c') (more/less context) (ignore whitespace changes)
-rw-r--r--ui-shared.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c
index f858ab6..1e12529 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -604,98 +604,98 @@ void cgit_print_pageheader(struct cgit_context *ctx)
604 cgit_index_link("index", NULL, NULL, NULL, 0); 604 cgit_index_link("index", NULL, NULL, NULL, 0);
605 html(" : "); 605 html(" : ");
606 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL); 606 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL);
607 html("</td><td class='form'>"); 607 html("</td><td class='form'>");
608 html("<form method='get' action=''>\n"); 608 html("<form method='get' action=''>\n");
609 add_hidden_formfields(0, 1, ctx->qry.page); 609 add_hidden_formfields(0, 1, ctx->qry.page);
610 html("<select name='h' onchange='this.form.submit();'>\n"); 610 html("<select name='h' onchange='this.form.submit();'>\n");
611 for_each_branch_ref(print_branch_option, ctx->qry.head); 611 for_each_branch_ref(print_branch_option, ctx->qry.head);
612 html("</select> "); 612 html("</select> ");
613 html("<input type='submit' name='' value='switch'/>"); 613 html("<input type='submit' name='' value='switch'/>");
614 html("</form>"); 614 html("</form>");
615 } else 615 } else
616 html_txt(ctx->cfg.root_title); 616 html_txt(ctx->cfg.root_title);
617 html("</td></tr>\n"); 617 html("</td></tr>\n");
618 618
619 html("<tr><td class='sub'>"); 619 html("<tr><td class='sub'>");
620 if (ctx->repo) { 620 if (ctx->repo) {
621 html_txt(ctx->repo->desc); 621 html_txt(ctx->repo->desc);
622 html("</td><td class='sub right'>"); 622 html("</td><td class='sub right'>");
623 html_txt(ctx->repo->owner); 623 html_txt(ctx->repo->owner);
624 } else { 624 } else {
625 if (ctx->cfg.root_desc) 625 if (ctx->cfg.root_desc)
626 html_txt(ctx->cfg.root_desc); 626 html_txt(ctx->cfg.root_desc);
627 else if (ctx->cfg.index_info) 627 else if (ctx->cfg.index_info)
628 html_include(ctx->cfg.index_info); 628 html_include(ctx->cfg.index_info);
629 } 629 }
630 html("</td></tr></table>\n"); 630 html("</td></tr></table>\n");
631 631
632 html("<table class='tabs'><tr><td>\n"); 632 html("<table class='tabs'><tr><td>\n");
633 if (ctx->repo) { 633 if (ctx->repo) {
634 cgit_summary_link("summary", NULL, NULL, ctx->qry.head); 634 cgit_summary_link("summary", NULL, NULL, ctx->qry.head);
635 cgit_refs_link("refs", NULL, hc(cmd, "refs"), ctx->qry.head, 635 cgit_refs_link("refs", NULL, hc(cmd, "refs"), ctx->qry.head,
636 ctx->qry.sha1, NULL); 636 ctx->qry.sha1, NULL);
637 cgit_log_link("log", NULL, hc(cmd, "log"), ctx->qry.head, 637 cgit_log_link("log", NULL, hc(cmd, "log"), ctx->qry.head,
638 NULL, NULL, 0, NULL, NULL); 638 NULL, NULL, 0, NULL, NULL);
639 cgit_tree_link("tree", NULL, hc(cmd, "tree"), ctx->qry.head, 639 cgit_tree_link("tree", NULL, hc(cmd, "tree"), ctx->qry.head,
640 ctx->qry.sha1, NULL); 640 ctx->qry.sha1, NULL);
641 cgit_commit_link("commit", NULL, hc(cmd, "commit"), 641 cgit_commit_link("commit", NULL, hc(cmd, "commit"),
642 ctx->qry.head, ctx->qry.sha1); 642 ctx->qry.head, ctx->qry.sha1);
643 cgit_diff_link("diff", NULL, hc(cmd, "diff"), ctx->qry.head, 643 cgit_diff_link("diff", NULL, hc(cmd, "diff"), ctx->qry.head,
644 ctx->qry.sha1, ctx->qry.sha2, NULL); 644 ctx->qry.sha1, ctx->qry.sha2, NULL);
645 if (ctx->repo->readme) 645 if (ctx->repo->readme)
646 reporevlink("about", "about", NULL, 646 reporevlink("about", "about", NULL,
647 hc(cmd, "about"), ctx->qry.head, NULL, 647 hc(cmd, "about"), ctx->qry.head, NULL,
648 NULL); 648 NULL);
649 html("</td><td class='form'>"); 649 html("</td><td class='form'>");
650 html("<form class='right' method='get' action='"); 650 html("<form class='right' method='get' action='");
651 if (ctx->cfg.virtual_root) 651 if (ctx->cfg.virtual_root)
652 html_attr(cgit_fileurl(ctx->qry.repo, "log", 652 html_url_path(cgit_fileurl(ctx->qry.repo, "log",
653 ctx->qry.path, NULL)); 653 ctx->qry.path, NULL));
654 html("'>\n"); 654 html("'>\n");
655 add_hidden_formfields(1, 0, "log"); 655 add_hidden_formfields(1, 0, "log");
656 html("<select name='qt'>\n"); 656 html("<select name='qt'>\n");
657 html_option("grep", "log msg", ctx->qry.grep); 657 html_option("grep", "log msg", ctx->qry.grep);
658 html_option("author", "author", ctx->qry.grep); 658 html_option("author", "author", ctx->qry.grep);
659 html_option("committer", "committer", ctx->qry.grep); 659 html_option("committer", "committer", ctx->qry.grep);
660 html("</select>\n"); 660 html("</select>\n");
661 html("<input class='txt' type='text' size='10' name='q' value='"); 661 html("<input class='txt' type='text' size='10' name='q' value='");
662 html_attr(ctx->qry.search); 662 html_attr(ctx->qry.search);
663 html("'/>\n"); 663 html("'/>\n");
664 html("<input type='submit' value='search'/>\n"); 664 html("<input type='submit' value='search'/>\n");
665 html("</form>\n"); 665 html("</form>\n");
666 } else { 666 } else {
667 site_link(NULL, "index", NULL, hc(cmd, "repolist"), NULL, 0); 667 site_link(NULL, "index", NULL, hc(cmd, "repolist"), NULL, 0);
668 if (ctx->cfg.root_readme) 668 if (ctx->cfg.root_readme)
669 site_link("about", "about", NULL, hc(cmd, "about"), 669 site_link("about", "about", NULL, hc(cmd, "about"),
670 NULL, 0); 670 NULL, 0);
671 html("</td><td class='form'>"); 671 html("</td><td class='form'>");
672 html("<form method='get' action='"); 672 html("<form method='get' action='");
673 html_attr(cgit_rooturl()); 673 html_attr(cgit_rooturl());
674 html("'>\n"); 674 html("'>\n");
675 html("<input type='text' name='q' size='10' value='"); 675 html("<input type='text' name='q' size='10' value='");
676 html_attr(ctx->qry.search); 676 html_attr(ctx->qry.search);
677 html("'/>\n"); 677 html("'/>\n");
678 html("<input type='submit' value='search'/>\n"); 678 html("<input type='submit' value='search'/>\n");
679 html("</form>"); 679 html("</form>");
680 } 680 }
681 html("</td></tr></table>\n"); 681 html("</td></tr></table>\n");
682 html("<div class='content'>"); 682 html("<div class='content'>");
683} 683}
684 684
685void cgit_print_filemode(unsigned short mode) 685void cgit_print_filemode(unsigned short mode)
686{ 686{
687 if (S_ISDIR(mode)) 687 if (S_ISDIR(mode))
688 html("d"); 688 html("d");
689 else if (S_ISLNK(mode)) 689 else if (S_ISLNK(mode))
690 html("l"); 690 html("l");
691 else if (S_ISGITLINK(mode)) 691 else if (S_ISGITLINK(mode))
692 html("m"); 692 html("m");
693 else 693 else
694 html("-"); 694 html("-");
695 html_fileperm(mode >> 6); 695 html_fileperm(mode >> 6);
696 html_fileperm(mode >> 3); 696 html_fileperm(mode >> 3);
697 html_fileperm(mode); 697 html_fileperm(mode);
698} 698}
699 699
700void cgit_print_snapshot_links(const char *repo, const char *head, 700void cgit_print_snapshot_links(const char *repo, const char *head,
701 const char *hex, int snapshots) 701 const char *hex, int snapshots)