]> granicus.if.org Git - cgit/commitdiff
projects / cgit / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d8a650)
ui-refs: escape HTML chars in author and tagger names
authorJohn Keeping <john@keeping.me.uk>
Sun, 12 Jan 2014 19:45:15 +0000 (19:45 +0000)
committerJason A. Donenfeld <Jason@zx2c4.com>
Sun, 12 Jan 2014 22:02:02 +0000 (23:02 +0100)
Everywhere else we use html_txt to escape any special characters in
these variables.  Do so here as well.

Signed-off-by: John Keeping <john@keeping.me.uk>
ui-refs.c patch | blob | history

diff --git a/ui-refs.c b/ui-refs.c
index 20c91e3c2401d7da4d6fa3c634623ef60f71e5fe..c97b0c62924cc08c1e54bbcb4958d8c5898abb1e 100644 (file)
--- a/ui-refs.c
+++ b/ui-refs.c
@@ -155,9 +155,9 @@ static int print_tag(struct refinfo *ref)
        html("</td><td>");
        if (info) {
                if (info->tagger)
-                       html(info->tagger);
+                       html_txt(info->tagger);
        } else if (ref->object->type == OBJ_COMMIT) {
-               html(ref->commit->author);
+               html_txt(ref->commit->author);
        }
        html("</td><td colspan='2'>");
        if (info) {
Unnamed repository; edit this file 'description' to name the repository.