[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Gnatsweb: HTML escape patch
|
From: |
Yngve Svendsen |
|
Subject: |
Gnatsweb: HTML escape patch |
|
Date: |
Wed, 21 Mar 2001 23:41:13 +0100 |
This patch fixes a bug in Gnatsweb where the synopses of PRs aren't
properly escaped before being printed to the query results page. This
creates problems when a synopsis contains < and/or > characters. It is
against the latest CVS version of Gnatsweb 3.95.
This fixes
<http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view&pr=961&database=gcc>
Gerald: I hope this applies without the problems you encountered with the
last patch from me.
- Yngve
gnatsweb.pl (display_query_results): Apply escapeHTML to $fieldcontents
before printing.
Index: gnatsweb.pl
===================================================================
RCS file: /cvs/gnats/gnats/contrib/gnatsweb/gnatsweb.pl,v
retrieving revision 2.27
diff -u -p -r2.27 gnatsweb.pl
--- gnatsweb.pl 2001/03/21 09:09:27 2.27
+++ gnatsweb.pl 2001/03/21 22:21:54
@@ -1816,6 +1816,7 @@ sub display_query_results
my $enumvals = fieldinfo($ufields[$whichfield], 'values');
$fieldcontents = $$enumvals[$fieldcontents - 1] || 'invalid';
}
+ $fieldcontents = $q->escapeHTML($fieldcontents);
print "<td nowrap>$fieldcontents";
$whichfield++;
}
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Gnatsweb: HTML escape patch,
Yngve Svendsen <=