Sat Jul 23 21:47:55 UTC 2005  Alberto Bertogli <albertogli@telpin.com.ar>
  * Escape comments properly in the log view.
diff -rN -u old-darcsweb/darcsweb.cgi new-darcsweb/darcsweb.cgi
--- old-darcsweb/darcsweb.cgi	2015-11-11 03:23:48.000000000 +0000
+++ new-darcsweb/darcsweb.cgi	2015-11-11 03:23:48.000000000 +0000
@@ -595,7 +595,8 @@
 
 	for p in ps:
 		if p.comment:
-			fmt_comment = p.comment.replace('\n', '<br/>') + '\n'
+			comment = escape(p.comment)
+			fmt_comment = comment.replace('\n', '<br/>') + '\n'
 			fmt_comment += '<br/><br/>'
 		else:
 			fmt_comment = ''
@@ -623,7 +624,7 @@
 			'author': p.shortauthor,
 			'hash': p.hash,
 			'desc': escape(p.name),
-			'comment': escape(fmt_comment)
+			'comment': fmt_comment
 		}
 
 	if len(ps) >= last: