aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar John Keeping <john@keeping.me.uk>2014-01-13 04:45:16 (JST)
committerGravatar Jason A. Donenfeld <Jason@zx2c4.com>2014-01-13 07:02:19 (JST)
commita45030f8ee10bc97ffcf1bf0061a2e6f22c7252a (patch)
treea4e955fdb42b6f6dd2b2015977c99daa031dbf52
parentd1a6ece439e651a5b4ca535850e1c471f61c472e (diff)
downloadcgit-a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a.zip
cgit-a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a.tar.gz
ui-shared: URL-escape script_name
As far as I know, there is no requirement that $SCRIPT_NAME contain only URL-safe characters, so we need to make sure that any special characters are escaped. Signed-off-by: John Keeping <john@keeping.me.uk>
-rw-r--r--ui-shared.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c
index 2c12de7..abe15cd 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -139,7 +139,7 @@ static void site_url(const char *page, const char *search, const char *sort, int
139 if (ctx.cfg.virtual_root) 139 if (ctx.cfg.virtual_root)
140 html_attr(ctx.cfg.virtual_root); 140 html_attr(ctx.cfg.virtual_root);
141 else 141 else
142 html(ctx.cfg.script_name); 142 html_url_path(ctx.cfg.script_name);
143 143
144 if (page) { 144 if (page) {
145 htmlf("?p=%s", page); 145 htmlf("?p=%s", page);
@@ -219,7 +219,7 @@ static char *repolink(const char *title, const char *class, const char *page,
219 html_url_path(path); 219 html_url_path(path);
220 } 220 }
221 } else { 221 } else {
222 html(ctx.cfg.script_name); 222 html_url_path(ctx.cfg.script_name);
223 html("?url="); 223 html("?url=");
224 html_url_arg(ctx.repo->url); 224 html_url_arg(ctx.repo->url);
225 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/') 225 if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/')