|
|
|
@ -1097,6 +1097,13 @@ sub esc_url {
@@ -1097,6 +1097,13 @@ sub esc_url {
|
|
|
|
|
return $str; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
# quote unsafe characters in HTML attributes |
|
|
|
|
sub esc_attr { |
|
|
|
|
|
|
|
|
|
# for XHTML conformance escaping '"' to '"' is not enough |
|
|
|
|
return esc_html(@_); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
# replace invalid utf8 character with SUBSTITUTION sequence |
|
|
|
|
sub esc_html { |
|
|
|
|
my $str = shift; |
|
|
|
@ -1502,7 +1509,7 @@ sub format_ref_marker {
@@ -1502,7 +1509,7 @@ sub format_ref_marker {
|
|
|
|
|
hash=>$dest |
|
|
|
|
)}, $name); |
|
|
|
|
|
|
|
|
|
$markers .= " <span class=\"$class\" title=\"$ref\">" . |
|
|
|
|
$markers .= " <span class=\"".esc_attr($class)."\" title=\"".esc_attr($ref)."\">" . |
|
|
|
|
$link . "</span>"; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -1586,7 +1593,7 @@ sub git_get_avatar {
@@ -1586,7 +1593,7 @@ sub git_get_avatar {
|
|
|
|
|
return $pre_white . |
|
|
|
|
"<img width=\"$size\" " . |
|
|
|
|
"class=\"avatar\" " . |
|
|
|
|
"src=\"$url\" " . |
|
|
|
|
"src=\"".esc_url($url)."\" " . |
|
|
|
|
"alt=\"\" " . |
|
|
|
|
"/>" . $post_white; |
|
|
|
|
} else { |
|
|
|
@ -2258,7 +2265,7 @@ sub git_show_project_tagcloud {
@@ -2258,7 +2265,7 @@ sub git_show_project_tagcloud {
|
|
|
|
|
} else { |
|
|
|
|
my @tags = sort { $cloud->{$a}->{count} <=> $cloud->{$b}->{count} } keys %$cloud; |
|
|
|
|
return '<p align="center">' . join (', ', map { |
|
|
|
|
"<a href=\"$home_link?by_tag=$_\">$cloud->{$_}->{topname}</a>" |
|
|
|
|
$cgi->a({-href=>"$home_link?by_tag=$_"}, $cloud->{$_}->{topname}) |
|
|
|
|
} splice(@tags, 0, $count)) . '</p>'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -3074,11 +3081,11 @@ EOF
@@ -3074,11 +3081,11 @@ EOF
|
|
|
|
|
# print out each stylesheet that exist, providing backwards capability |
|
|
|
|
# for those people who defined $stylesheet in a config file |
|
|
|
|
if (defined $stylesheet) { |
|
|
|
|
print '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'"/>'."\n"; |
|
|
|
|
print '<link rel="stylesheet" type="text/css" href="'.esc_url($stylesheet).'"/>'."\n"; |
|
|
|
|
} else { |
|
|
|
|
foreach my $stylesheet (@stylesheets) { |
|
|
|
|
next unless $stylesheet; |
|
|
|
|
print '<link rel="stylesheet" type="text/css" href="'.$stylesheet.'"/>'."\n"; |
|
|
|
|
print '<link rel="stylesheet" type="text/css" href="'.esc_url($stylesheet).'"/>'."\n"; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
if (defined $project) { |
|
|
|
@ -3091,7 +3098,7 @@ EOF
@@ -3091,7 +3098,7 @@ EOF
|
|
|
|
|
my $type = lc($format); |
|
|
|
|
my %link_attr = ( |
|
|
|
|
'-rel' => 'alternate', |
|
|
|
|
'-title' => "$project - $href_params{'-title'} - $format feed", |
|
|
|
|
'-title' => esc_attr("$project - $href_params{'-title'} - $format feed"), |
|
|
|
|
'-type' => "application/$type+xml" |
|
|
|
|
); |
|
|
|
|
|
|
|
|
@ -3118,13 +3125,13 @@ EOF
@@ -3118,13 +3125,13 @@ EOF
|
|
|
|
|
} else { |
|
|
|
|
printf('<link rel="alternate" title="%s projects list" '. |
|
|
|
|
'href="%s" type="text/plain; charset=utf-8" />'."\n", |
|
|
|
|
$site_name, href(project=>undef, action=>"project_index")); |
|
|
|
|
esc_attr($site_name), href(project=>undef, action=>"project_index")); |
|
|
|
|
printf('<link rel="alternate" title="%s projects feeds" '. |
|
|
|
|
'href="%s" type="text/x-opml" />'."\n", |
|
|
|
|
$site_name, href(project=>undef, action=>"opml")); |
|
|
|
|
esc_attr($site_name), href(project=>undef, action=>"opml")); |
|
|
|
|
} |
|
|
|
|
if (defined $favicon) { |
|
|
|
|
print qq(<link rel="shortcut icon" href="$favicon" type="image/png" />\n); |
|
|
|
|
print qq(<link rel="shortcut icon" href=").esc_url($favicon).qq(" type="image/png" />\n); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
print "</head>\n" . |
|
|
|
@ -3137,7 +3144,7 @@ EOF
@@ -3137,7 +3144,7 @@ EOF
|
|
|
|
|
print "<div class=\"page_header\">\n" . |
|
|
|
|
$cgi->a({-href => esc_url($logo_url), |
|
|
|
|
-title => $logo_label}, |
|
|
|
|
qq(<img src="$logo" width="72" height="27" alt="git" class="logo"/>)); |
|
|
|
|
qq(<img src=").esc_url($logo).qq(" width="72" height="27" alt="git" class="logo"/>)); |
|
|
|
|
print $cgi->a({-href => esc_url($home_link)}, $home_link_str) . " / "; |
|
|
|
|
if (defined $project) { |
|
|
|
|
print $cgi->a({-href => href(action=>"summary")}, esc_html($project)); |
|
|
|
@ -5045,14 +5052,14 @@ sub git_blob {
@@ -5045,14 +5052,14 @@ sub git_blob {
|
|
|
|
|
} else { |
|
|
|
|
print "<div class=\"page_nav\">\n" . |
|
|
|
|
"<br/><br/></div>\n" . |
|
|
|
|
"<div class=\"title\">$hash</div>\n"; |
|
|
|
|
"<div class=\"title\">".esc_html($hash)."</div>\n"; |
|
|
|
|
} |
|
|
|
|
git_print_page_path($file_name, "blob", $hash_base); |
|
|
|
|
print "<div class=\"page_body\">\n"; |
|
|
|
|
if ($mimetype =~ m!^image/!) { |
|
|
|
|
print qq!<img type="$mimetype"!; |
|
|
|
|
print qq!<img type="!.esc_attr($mimetype).qq!"!; |
|
|
|
|
if ($file_name) { |
|
|
|
|
print qq! alt="$file_name" title="$file_name"!; |
|
|
|
|
print qq! alt="!.esc_attr($file_name).qq!" title="!.esc_attr($file_name).qq!"!; |
|
|
|
|
} |
|
|
|
|
print qq! src="! . |
|
|
|
|
href(action=>"blob_plain", hash=>$hash, |
|
|
|
@ -5064,7 +5071,8 @@ sub git_blob {
@@ -5064,7 +5071,8 @@ sub git_blob {
|
|
|
|
|
chomp $line; |
|
|
|
|
$nr++; |
|
|
|
|
$line = untabify($line); |
|
|
|
|
printf "<div class=\"pre\"><a id=\"l%i\" href=\"" . href(-replay => 1) |
|
|
|
|
printf "<div class=\"pre\"><a id=\"l%i\" href=\"" |
|
|
|
|
. esc_attr(href(-replay => 1)) |
|
|
|
|
. "#l%i\" class=\"linenr\">%4i</a> %s</div>\n", |
|
|
|
|
$nr, $nr, $nr, esc_html($line, -nbsp=>1); |
|
|
|
|
} |
|
|
|
@ -5124,7 +5132,7 @@ sub git_tree {
@@ -5124,7 +5132,7 @@ sub git_tree {
|
|
|
|
|
undef $hash_base; |
|
|
|
|
print "<div class=\"page_nav\">\n"; |
|
|
|
|
print "<br/><br/></div>\n"; |
|
|
|
|
print "<div class=\"title\">$hash</div>\n"; |
|
|
|
|
print "<div class=\"title\">".esc_html($hash)."</div>\n"; |
|
|
|
|
} |
|
|
|
|
if (defined $file_name) { |
|
|
|
|
$basedir = $file_name; |
|
|
|
@ -5543,7 +5551,7 @@ sub git_blobdiff {
@@ -5543,7 +5551,7 @@ sub git_blobdiff {
|
|
|
|
|
git_print_header_div('commit', esc_html($co{'title'}), $hash_base); |
|
|
|
|
} else { |
|
|
|
|
print "<div class=\"page_nav\"><br/>$formats_nav<br/></div>\n"; |
|
|
|
|
print "<div class=\"title\">$hash vs $hash_parent</div>\n"; |
|
|
|
|
print "<div class=\"title\">".esc_html("$hash vs $hash_parent")."</div>\n"; |
|
|
|
|
} |
|
|
|
|
if (defined $file_name) { |
|
|
|
|
git_print_page_path($file_name, "blob", $hash_base); |
|
|
|
|
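Review bot: In the git_show_project_tagcloud hunk, the new `$cgi->a({-href=>"$home_link?by_tag=$_"}, $cloud->{$_}->{topname})` leaves attribute quoting of the href to CGI, but the link text is still emitted as raw element content. It should be `esc_html($cloud->{$_}->{topname})`, as the page-header hunk already does with `esc_html($project)`. The tag in `by_tag=$_` is also interpolated into the query string without URL-encoding, so a tag containing `&` or `#` would presumably yield a broken or misleading link. Separately, in the git_blob hunk the escaped `href(-replay => 1)` is still concatenated into the printf format string, so any percent-encoded byte in the URL is parsed as a conversion; using `href="%s#l%i"` and passing `esc_attr(href(-replay => 1))` as an argument after the first `$nr` avoids that. All of these functions begin and end outside the hunks shown.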