diff options
author | Lars Hjemli <hjemli@gmail.com> | 2008-10-06 02:25:47 (JST) |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2008-10-06 02:25:47 (JST) |
commit | 2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch) | |
tree | 6d7193cc2ce766ac3d350ba3f2ea20e546ec5344 /ui-shared.c | |
parent | b7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff) | |
download | cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.zip cgit-2e884f3162771880a2a5260713d6b7d1aa25bc6f.tar.gz |
ui-shared: use html_url_path() to get properly escaped url in form action
When a repo uses an url with e.g. '#' or '?' characters this needs to be
properly escaped when used as action in a form tag.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'ui-shared.c')
-rw-r--r-- | ui-shared.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c index f858ab6..1e12529 100644 --- a/ui-shared.c +++ b/ui-shared.c | |||
@@ -649,8 +649,8 @@ void cgit_print_pageheader(struct cgit_context *ctx) | |||
649 | html("</td><td class='form'>"); | 649 | html("</td><td class='form'>"); |
650 | html("<form class='right' method='get' action='"); | 650 | html("<form class='right' method='get' action='"); |
651 | if (ctx->cfg.virtual_root) | 651 | if (ctx->cfg.virtual_root) |
652 | html_attr(cgit_fileurl(ctx->qry.repo, "log", | 652 | html_url_path(cgit_fileurl(ctx->qry.repo, "log", |
653 | ctx->qry.path, NULL)); | 653 | ctx->qry.path, NULL)); |
654 | html("'>\n"); | 654 | html("'>\n"); |
655 | add_hidden_formfields(1, 0, "log"); | 655 | add_hidden_formfields(1, 0, "log"); |
656 | html("<select name='qt'>\n"); | 656 | html("<select name='qt'>\n"); |