Thu Feb 23 18:34:51 UTC 2006  Alberto Bertogli <albertogli@telpin.com.ar>
  * Filter '"' in filenames.
  For security, don't allow '"' in filenames.
  If there is high demand, some alternative workaround could be implemented.
diff -rN -u old-darcsweb/darcsweb.cgi new-darcsweb/darcsweb.cgi
--- old-darcsweb/darcsweb.cgi	2015-04-15 14:55:50.000000000 +0000
+++ new-darcsweb/darcsweb.cgi	2015-04-15 14:55:50.000000000 +0000
@@ -66,7 +66,7 @@
 
 
 def filter_file(s):
-	if '..' in s:
+	if '..' in s or '"' in s:
 		raise 'FilterFile FAILED'
 	if s == '/':
 		return s