]> granicus.if.org Git - pgbadger/commitdiff
projects / pgbadger / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a2b1247)
Escape HTML code inside queries. Thanks to denstark for the report.
authorDarold Gilles <gilles@darold.net>
Sun, 3 Mar 2013 09:28:02 +0000 (10:28 +0100)
committerDarold Gilles <gilles@darold.net>
Sun, 3 Mar 2013 09:28:02 +0000 (10:28 +0100)
pgbadger patch | blob | history

diff --git a/pgbadger b/pgbadger
index 839964c040fdc8b97c0227906715cb4184cf5f60..b5a01131fc26a7c8f8e9f8b0b5ce2ca426622df5 100755 (executable)
--- a/pgbadger
+++ b/pgbadger
@@ -4469,6 +4469,9 @@ sub highlight_code
 {
        my $code = shift;
 
+       # Try to escape HTML code
+       $code =~ s/<([\/a-zA-Z])\b/\&lt;$1/sg;
+
        # prettify SQL query
        if (!$noprettify) {
                $sql_prettified->query($code);
Unnamed repository; edit this file 'description' to name the repository.