Tue Dec 27 03:19:14 UTC 2005 Michael Allan <mike@zelea.com>
* Escape patch names.
When patch names used in HTML, escape characters like '<'.
{
hunk ./darcsweb.cgi 1015
- 'name': shorten_str(p.name),
+ 'name': escape(shorten_str(p.name)),
hunk ./darcsweb.cgi 1266
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1290
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1319
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1344
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1371
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1396
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1419
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1445
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1481
- 'name': p.name,
+ 'name': escape(p.name),
hunk ./darcsweb.cgi 1486
- print p.name, '<br/><br/>'
+ print escape(p.name), '<br/><br/>'
}