html escaping complication
Can't escape things to entities if the template then escapes the entities. (aggregate doesn't have this problem.)
parent
15269fed64
commit
e307eeda3d
|
@ -160,10 +160,12 @@ sub store ($$$) { #{{{
|
|||
);
|
||||
}
|
||||
|
||||
# escape wikilinks and preprocessor stuff in commit messages
|
||||
if (ref $change->{message}) {
|
||||
foreach my $field (@{$change->{message}}) {
|
||||
if (exists $field->{line}) {
|
||||
# escape html
|
||||
$field->{line} = encode_entities($field->{line});
|
||||
# escape links and preprocessor stuff
|
||||
$field->{line} = encode_entities($field->{line}, '\[\]');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -39,6 +39,8 @@ sub pagetemplate (@) { #{{{
|
|||
else {
|
||||
$diff=join("", @lines);
|
||||
}
|
||||
# escape html
|
||||
$diff = encode_entities($diff);
|
||||
# escape links and preprocessor stuff
|
||||
$diff = encode_entities($diff, '\[\]');
|
||||
$template->param(diff => $diff);
|
||||
|
|
|
@ -32,14 +32,14 @@
|
|||
<div class=changelog>
|
||||
<TMPL_LOOP NAME="MESSAGE">
|
||||
<TMPL_IF NAME="LINE">
|
||||
<TMPL_VAR NAME="LINE" ESCAPE="HTML"><br />
|
||||
<TMPL_VAR NAME="LINE"><br />
|
||||
</TMPL_IF>
|
||||
</TMPL_LOOP>
|
||||
</div>
|
||||
<TMPL_IF NAME="DIFF">
|
||||
<div class=diff>
|
||||
<pre>
|
||||
<TMPL_VAR NAME="DIFF" ESCAPE="HTML">
|
||||
<TMPL_VAR NAME="DIFF">
|
||||
</pre>
|
||||
</div>
|
||||
</TMPL_IF>
|
||||
|
|
Loading…
Reference in New Issue