Escape HTML tags in error message examples. Thanks to Mael Rimbault for the report.
authorDarold Gilles <gilles@darold.net>
Mon, 24 Jun 2013 21:04:49 +0000 (23:04 +0200)
committerDarold Gilles <gilles@darold.net>
Mon, 24 Jun 2013 21:04:49 +0000 (23:04 +0200)
pgbadger

index 2aba37fe8d5323865b2cb851fda59594e66e1ab3..930bb7aeeb6aa2ebc60ea88b76df99a9622f54f1 100755 (executable)
--- a/pgbadger
+++ b/pgbadger
@@ -4434,7 +4434,7 @@ sub show_error_as_html
                        $msg =~ s/ERROR:  (database system was shut down)/LOG:  $1/;
                        $msg =~ s/ERROR:  (database system was interrupted while in recovery)/LOG:  $1/;
                        $msg =~ s/ERROR:  (recovery has paused)/LOG:  $1/;
-                       # Try to escape HTML code
+                       # Escape HTML code in error message
                        $msg =~ s/<([\/a-zA-Z])\b/\&lt;$1/sg;
                        print $fh "<td><div class=\"error\">$msg</div>";
                        print $fh
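Review bot: The substitution under the reworded comment, `s/<([\/a-zA-Z])\b/\&lt;$1/sg`, does less than "Escape HTML code in error message" now promises. Because `\b` follows the single captured character, a `<` in front of an opening tag name of two or more letters is not matched, and `&`, `>` and `"` are never rewritten. `$msg` is log text that the next line prints straight into the report, so full entity encoding is the safer form: `$msg =~ s/&/&amp;/g; $msg =~ s/</&lt;/g; $msg =~ s/>/&gt;/g;`, ideally kept in one helper sub. The same pattern sits under the reworded comments in the two later show_error_as_html hunks and in highlight_code, where the encoding has to stay ahead of any markup the function adds itself. All of these bodies continue outside their hunks.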
@@ -4448,7 +4448,7 @@ sub show_error_as_html
                                        $logs_type{ERROR}--;
                                        $logs_type{LOG}++;
                                }
-                               # Try to escape HTML code
+                               # Escape HTML code in error message
                                $error_info{$k}{statement}[$i] =~ s/<([\/a-zA-Z])\b/\&lt;$1/sg if ($error_info{$k}{statement}[$i]);
 
                                my $c = $i % 2;
@@ -4472,7 +4472,7 @@ sub show_error_as_html
                                $logs_type{ERROR}--;
                                $logs_type{LOG}++;
                        }
-                       # Try to escape HTML code
+                       # Escape HTML code in error message
                        $error_info{$k}{statement}[0] =~ s/<([\/a-zA-Z])\b/\&lt;$1/sg if ($error_info{$k}{statement}[0]);
 
                        print $fh "<td><div class=\"error\" title=\"$error_info{$k}{date}[0]\">$error_info{$k}{error}[0]</div>";
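Review bot: The comment here says the error message is escaped, but the substitution rewrites `$error_info{$k}{statement}[0]`. The `print` two lines below writes `$error_info{$k}{error}[0]` into the `<div>` and `$error_info{$k}{date}[0]` into a `title="..."` attribute, with no encoding visible in this hunk. If those fields are not encoded earlier in show_error_as_html, which starts outside the hunk, they need the same treatment, and the attribute value also needs `"` turned into `&quot;`. At minimum the comment should name what it covers: `# Escape HTML code in the statement`.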
@@ -4990,7 +4990,7 @@ sub highlight_code
 {
        my $code = shift;
 
-       # Try to escape HTML code
+       # Escape HTML code into SQL values
        $code =~ s/<([\/a-zA-Z])\b/\&lt;$1/sg;
 
        # Do not try to prettify queries longuer