Welcome to mirror list, hosted at ThFree Co, Russian Federation.

git.zx2c4.com/cgit.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/ui-diff.c
diff options
context:
space:
mode:
authorLukas Fleischer <cgit@cryptocrack.de>2011-07-22 15:47:19 +0400
committerLars Hjemli <hjemli@gmail.com>2011-07-22 16:21:28 +0400
commitbebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 (patch)
tree33e28db20cbae2aa513ccec38c7d4706654eed46 /ui-diff.c
parent1e25ac5b8fe0ca8760b2786b20d36013a6197e02 (diff)
Fix potential XSS vulnerability in rename hint
The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'ui-diff.c')
-rw-r--r--ui-diff.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/ui-diff.c b/ui-diff.c
index d21541b..383a534 100644
--- a/ui-diff.c
+++ b/ui-diff.c
@@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info)
htmlf("</td><td class='%s'>", class);
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
ctx.qry.sha2, info->new_path, 0);
- if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
- htmlf(" (%s from %s)",
- info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
- info->old_path);
+ if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
+ htmlf(" (%s from ",
+ info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
+ html_txt(info->old_path);
+ html(")");
+ }
html("</td><td class='right'>");
if (info->binary) {
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-13 17:19:55 +0300