ui-shared: use html_url_path() to get properly escaped url in form action
When a repo uses an url with e.g. '#' or '?' characters this needs to be properly escaped when used as action in a form tag. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
джерело
b7f33786ef
коміт
2e884f3162
@ -649,7 +649,7 @@ void cgit_print_pageheader(struct cgit_context *ctx)
|
|||||||
html("</td><td class='form'>");
|
html("</td><td class='form'>");
|
||||||
html("<form class='right' method='get' action='");
|
html("<form class='right' method='get' action='");
|
||||||
if (ctx->cfg.virtual_root)
|
if (ctx->cfg.virtual_root)
|
||||||
html_attr(cgit_fileurl(ctx->qry.repo, "log",
|
html_url_path(cgit_fileurl(ctx->qry.repo, "log",
|
||||||
ctx->qry.path, NULL));
|
ctx->qry.path, NULL));
|
||||||
html("'>\n");
|
html("'>\n");
|
||||||
add_hidden_formfields(1, 0, "log");
|
add_hidden_formfields(1, 0, "log");
|
||||||
|
Завантаження…
Посилання в новій задачі
Block a user