aboutsummaryrefslogtreecommitdiffstats
path: root/html.c
Commit message (Collapse)AuthorAgeLines
* Properly escape ampersands inside HTML attributesGravatar Lukas Fleischer2011-05-31-1/+3
| | | | | | | | | Ampersands ("&") appearing inside HTML attributes need to be translated to "&amp;". Otherwise, invalid XHTML will be generated at various places, such as at tree views containing links to submodules. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Fix memory leak in http_parse_querystring().Gravatar Lukas Fleischer2011-05-24-2/+3
| | | | | Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Fix escaping of paths with spacesGravatar Jonathon Mah2011-05-24-4/+6
| | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Merge branch 'stable'Gravatar Lars Hjemli2011-03-05-1/+1
|\
| * do not infloop on a query ending in %XY, for invalid hex X or YGravatar Jim Meyering2011-03-05-1/+1
| | | | | | | | | | | | | | | | | | | | | | When a query ends in say %gg, (or any invalid hex) e.g., http://git.gnome.org/browse/gdlmm/commit/?id=%gg convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns txt-1, so the loop in http_parse_querystring never terminates. The solution is to make the memmove also copy the trailing NUL. * html.c (convert_query_hexchar): Fix off-by-one error. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | html.c: use '+' to escape spaces in urlsGravatar Lars Hjemli2010-11-10-2/+2
| | | | | | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | prefer html_raw() to write()Gravatar Mark Lodato2010-09-05-9/+9
| | | | | | | | | | | | | | To make the code more consistent, and to not rely on the implementation of html(), always use html_raw(...) instead of write(htmlfd, ...). Signed-off-by: Mark Lodato <lodatom@gmail.com>
* | Merge branch 'stable'Gravatar Lars Hjemli2010-08-30-4/+5
|\ \ | |/
| * html: fix strcpy bug in convert_query_hexcharGravatar Mark Lodato2010-08-30-4/+5
| | | | | | | | | | | | | | | | The source and destination strings in strcpy() may not overlap. Instead, use memmove(), which allows overlap. This fixes test t0104, where 'url=foo%2bbar/tree' was being parsed improperly. Signed-off-by: Mark Lodato <lodatom@gmail.com>
* | html: properly percent-escape URLsGravatar Mark Lodato2010-02-10-4/+32
| | | | | | | | | | | | | | | | | | | | | | | | The only valid characters for a URL are unreserved characters a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per RFC 3986. Everything else must be escaped. Additionally, the # and ? always have special meaning, and the &, =, and + have special meaning in a query string, so they too must be escaped. To make this easier, a table of escapes is now used so that we do not have to call fmt() for each character; if the entry is 0, no escaping is needed. Signed-off-by: Mark Lodato <lodatom@gmail.com>
* | html: make all strings 'const char *'Gravatar Mark Lodato2010-02-09-17/+17
|/ | | | | | | | None of the html_* functions modify their argument, so they can all be 'const char *' instead of a simple 'char *'. This removes the need to cast (or copy) when trying to print a const string. Signed-off-by: Mark Lodato <lodatom@gmail.com>
* html.c: use correct escaping in html attributesGravatar Lars Hjemli2009-01-30-2/+4
| | | | | | | First, an apostrophe is not a quote. Second, we also need to escape quotes. And finally, quotes are encoded as '&quot;', not '&quote;'. Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
* html.c: add html_url_pathGravatar Lars Hjemli2008-10-05-0/+16
| | | | | | | This function can be used to generate properly escaped path-components for links. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* html.c: add html_url_argGravatar Lars Hjemli2008-10-05-0/+16
| | | | | | This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Supply status description to html_status()Gravatar Lars Hjemli2008-08-07-2/+2
| | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Implement plain viewGravatar Lars Hjemli2008-08-06-0/+5
| | | | | | | This implements a way to access plain blobs by path (similar to the tree view) instead of by sha1. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add support for cloning over httpGravatar Lars Hjemli2008-08-06-0/+7
| | | | | | | This patch implements basic support for cloning over http, based on the work on git-http-backend by Shawn O. Pearce. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Print an error if filename is not found in html_include.Gravatar Harley Laue2008-04-30-1/+5
| | | | | | | | | | Normally when html_include cannot open the file it fails silently and things can be a bit hard to figure out from just looking at apache's log. This will be beneficial for those initially setting up their server with cgit. Signed-off-by: Harley Laue <losinggeneration@aim.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Merge branch 'lh/cleanup'Gravatar Lars Hjemli2008-04-09-19/+76
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * lh/cleanup: (21 commits) Reset ctx.repo to NULL when the config parser is finished Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring() Move function for configfile parsing into configfile.[ch] Add cache.h Remove global and obsolete cgit_cmd Makefile: copy the QUIET constructs from the Makefile in git.git Move cgit_version from shared.c to cgit.c Makefile: autobuild dependency rules Initial Makefile cleanup Move non-generic functions from shared.c to cgit.c Add ui-shared.h Add separate header-files for each page/view Refactor snapshot support Add command dispatcher Remove obsolete cacheitem parameter to ui-functions Add struct cgit_page to cgit_context Introduce html.h Improve initialization of git directory Move cgit_repo into cgit_context Add all config variables into struct cgit_context ...
| * Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring()Gravatar Lars Hjemli2008-04-09-0/+64
| | | | | | | | | | | | This is a generic http-function. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
| * Introduce html.hGravatar Lars Hjemli2008-03-18-19/+12
| | | | | | | | | | | | | | | | All html-functions can be quite easily separated from the rest of cgit, so lets do it; the only issue was html_filemode which uses some git-defined macros so the function is moved into ui-shared.c::cgit_print_filemode(). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | Merge branch 'stable'Gravatar Lars Hjemli2008-02-24-15/+5
|\ \ | |/ |/| | | | | | | | | * stable: Fix segfault Signed-off-by: Lars Hjemli <hjemli@gmail.com>
| * Fix segfaultGravatar Hiroki Hattori2008-02-24-15/+5
| | | | | | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | Fix html error detected by test-suiteGravatar Lars Hjemli2007-11-11-1/+1
|/ | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add html_option() functionGravatar Lars Hjemli2007-10-28-0/+12
| | | | | | This is a generic function used to output html "option" tags. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Rename dirlink to gitlink.Gravatar Jeffrey C. Ollie2007-06-05-1/+1
| | | | | | | Git changed from dirlink to gitlink in 302b9282c9ddfcc704ca759bdc98c1d5f75eba2f. Signed-off-by: Jeffrey C. Ollie <jeff@ocjtech.us>
* Add html_include()Gravatar Lars Hjemli2007-05-19-0/+14
| | | | | | | This is a function used to include external htmlfiles in cgit- generated pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add submodule links in tree listingGravatar Lars Hjemli2007-05-11-1/+2
| | | | | | | | | When a submodule occurs in a tree, generate a link to show the module/commit. The link is specified as a sprintf string in /etc/cgitrc, using parameters 'module-link' and 'repo.module-link'. This should probably be extended with repo.module-link.$path. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add generic support for search box in page headerGravatar Lars Hjemli2006-12-28-0/+10
| | | | | | | This adds the ability to show a search box in any pageheader with correct href and hidden form data, but does not enable the box on any pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Test for NULL-pointers in html_txt() and friendsGravatar Lars Hjemli2006-12-28-4/+3
| | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Only show first 80 characters of commit subject in log and summaryGravatar Lars Hjemli2006-12-22-0/+28
| | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Show list of modified files in ui-commit.cGravatar Lars Hjemli2006-12-18-0/+20
| | | | | | | | Compare current commit with 1.parent, and for each affected file display current filemode, old filemode if changed, current filename and source filename if it was a copy/rename. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add license file and copyright noticesGravatar Lars Hjemli2006-12-11-0/+8
| | | | Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Add caching infrastructureGravatar Lars Hjemli2006-12-11-2/+4
| | | | | | | | | | | | | | | | | | | | | | This enables internal caching of page output. Page requests are split into four groups: 1) repo listing (front page) 2) repo summary 3) repo pages w/symbolic references in query string 4) repo pages w/constant sha1's in query string Each group has a TTL specified in minutes. When a page is requested, a cached filename is stat(2)'ed and st_mtime is compared to time(2). If TTL has expired (or the file didn't exist), the cached file is regenerated. When generating a cached file, locking is used to avoid parallell processing of the request. If multiple processes tries to aquire the same lock, the ones who fail to get the lock serves the (expired) cached file. If the cached file don't exist, the process instead calls sched_yield(2) before restarting the request processing. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* Import cgit prototype from git treeGravatar Lars Hjemli2006-12-09-0/+100
This enables basic cgit functionality, using libgit.a and xdiff/lib.a from git + a custom "git.h" + openssl for sha1 routines. Signed-off-by: Lars Hjemli <hjemli@gmail.com>