From 63abfc7538508ff74ea6c9e9bd63764cc4158472 Mon Sep 17 00:00:00 2001 From: Thom May Date: Thu, 30 Oct 2003 16:43:45 +0000 Subject: [PATCH] * modules/generators/mod_info.c: (mod_info_module_cmds) ap_escape_html() all directives and arguments. PR: 24232 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101626 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ modules/generators/mod_info.c | 11 +++++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index e9585e5137..85ef4d7d0c 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) mod_info: HTML escape configuration information so it displays + correctly. PR 24232. [Thom May] + *) mod_status: Report total CPU time accurately when using a threaded MPM. PR 23795. [Jeff Trawick] diff --git a/modules/generators/mod_info.c b/modules/generators/mod_info.c index 9dffaf5b08..888cb1383f 100644 --- a/modules/generators/mod_info.c +++ b/modules/generators/mod_info.c @@ -181,7 +181,7 @@ static void mod_info_module_cmds(request_rec * r, const command_rec * cmds, if (nest > block_start) { block_start++; apr_snprintf(htmlstring, sizeof(htmlstring), "%s %s", - tmptree->parent->directive, + tmptree->parent->directive, tmptree->parent->args); ap_rputs("
", r); mod_info_html_cmd_string(r, htmlstring, 0); @@ -190,15 +190,18 @@ static void mod_info_module_cmds(request_rec * r, const command_rec * cmds, if (nest == 2) { ap_rprintf(r, "
    %s " "%s
\n", - tmptree->directive, tmptree->args); + ap_escape_html(r->pool,tmptree->directive), + ap_escape_html(r->pool,tmptree->args)); } else if (nest == 1) { ap_rprintf(r, "
  %s %s
\n", - tmptree->directive, tmptree->args); + ap_escape_html(r->pool,tmptree->directive), + ap_escape_html(r->pool,tmptree->args)); } else { ap_rputs("
", r); mod_info_html_cmd_string(r, tmptree->directive, 0); - ap_rprintf(r, " %s
\n", tmptree->args); + ap_rprintf(r, " %s
\n", + ap_escape_html(r->pool,tmptree->args)); } } ++cmd; -- 2.40.0