diff options
| author | John Keeping | 2014-01-12 19:45:16 +0000 |
|---|---|---|
| committer | Jason A. Donenfeld | 2014-01-12 23:02:19 +0100 |
| commit | a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a (patch) | |
| tree | a4e955fdb42b6f6dd2b2015977c99daa031dbf52 /ui-shared.c | |
| parent | d1a6ece439e651a5b4ca535850e1c471f61c472e (diff) | |
| download | cgit-a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a.tar.gz cgit-a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a.tar.bz2 cgit-a45030f8ee10bc97ffcf1bf0061a2e6f22c7252a.zip | |
ui-shared: URL-escape script_name
As far as I know, there is no requirement that $SCRIPT_NAME contain only
URL-safe characters, so we need to make sure that any special characters
are escaped.
Signed-off-by: John Keeping <john@keeping.me.uk>
Diffstat (limited to 'ui-shared.c')
| -rw-r--r-- | ui-shared.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c index 2c12de7..abe15cd 100644 --- a/ui-shared.c +++ b/ui-shared.c | |||
| @@ -139,7 +139,7 @@ static void site_url(const char *page, const char *search, const char *sort, int | |||
| 139 | if (ctx.cfg.virtual_root) | 139 | if (ctx.cfg.virtual_root) |
| 140 | html_attr(ctx.cfg.virtual_root); | 140 | html_attr(ctx.cfg.virtual_root); |
| 141 | else | 141 | else |
| 142 | html(ctx.cfg.script_name); | 142 | html_url_path(ctx.cfg.script_name); |
| 143 | 143 | ||
| 144 | if (page) { | 144 | if (page) { |
| 145 | htmlf("?p=%s", page); | 145 | htmlf("?p=%s", page); |
| @@ -219,7 +219,7 @@ static char *repolink(const char *title, const char *class, const char *page, | |||
| 219 | html_url_path(path); | 219 | html_url_path(path); |
| 220 | } | 220 | } |
| 221 | } else { | 221 | } else { |
| 222 | html(ctx.cfg.script_name); | 222 | html_url_path(ctx.cfg.script_name); |
| 223 | html("?url="); | 223 | html("?url="); |
| 224 | html_url_arg(ctx.repo->url); | 224 | html_url_arg(ctx.repo->url); |
| 225 | if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/') | 225 | if (ctx.repo->url[strlen(ctx.repo->url) - 1] != '/') |