Wed Nov  9 00:43:55 UTC 2005  Alberto Bertogli <albertogli@telpin.com.ar>
  * Extend escape() to escape '"' too.
diff -rN -u old-darcsweb/darcsweb.cgi new-darcsweb/darcsweb.cgi
--- old-darcsweb/darcsweb.cgi	2015-04-18 08:11:32.000000000 +0000
+++ new-darcsweb/darcsweb.cgi	2015-04-18 08:11:32.000000000 +0000
@@ -17,7 +17,7 @@
 import cgitb; cgitb.enable()
 import urllib
 import xml.sax
-from xml.sax.saxutils import escape
+from xml.sax.saxutils import escape as xml_escape
 
 
 # empty configuration class, we will fill it in later depending on the repo
@@ -106,6 +106,10 @@
 		s = s.encode('raw_unicode_escape', 'replace')
 	return s
 
+def escape(s):
+	s = xml_escape(s)
+	s = s.replace('"', '&quot;')
+	return s
 
 def how_old(epoch):
 	age = int(time.time()) - int(epoch)
@@ -890,7 +894,7 @@
 			'myrname': config.myreponame,
 			'hash': p.hash,
 			'name': shorten_str(p.name),
-			'fullname': p.name,
+			'fullname': escape(p.name),
 		}
 		print "</tr>"