aboutsummaryrefslogtreecommitdiffstats
path: root/html.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2011-05-30Properly escape ampersands inside HTML attributesLukas Fleischer1-1/+3
Ampersands ("&") appearing inside HTML attributes need to be translated to "&amp;". Otherwise, invalid XHTML will be generated at various places, such as at tree views containing links to submodules. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Fix memory leak in http_parse_querystring().Lukas Fleischer1-2/+3
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Fix escaping of paths with spacesJonathon Mah1-4/+6
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-06html.c: add html_intoption()Lars Hjemli1-0/+8
This is similar to html_option, but for int values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05do not infloop on a query ending in %XY, for invalid hex X or YJim Meyering1-1/+1
When a query ends in say %gg, (or any invalid hex) e.g., http://git.gnome.org/browse/gdlmm/commit/?id=%gg convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns txt-1, so the loop in http_parse_querystring never terminates. The solution is to make the memmove also copy the trailing NUL. * html.c (convert_query_hexchar): Fix off-by-one error. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10html.c: use '+' to escape spaces in urlsLars Hjemli1-2/+2
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-04prefer html_raw() to write()Mark Lodato1-9/+9
To make the code more consistent, and to not rely on the implementation of html(), always use html_raw(...) instead of write(htmlfd, ...). Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-08-29html: fix strcpy bug in convert_query_hexcharMark Lodato1-4/+5
The source and destination strings in strcpy() may not overlap. Instead, use memmove(), which allows overlap. This fixes test t0104, where 'url=foo%2bbar/tree' was being parsed improperly. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-02-09html: properly percent-escape URLsMark Lodato1-4/+32
The only valid characters for a URL are unreserved characters a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per RFC 3986. Everything else must be escaped. Additionally, the # and ? always have special meaning, and the &, =, and + have special meaning in a query string, so they too must be escaped. To make this easier, a table of escapes is now used so that we do not have to call fmt() for each character; if the entry is 0, no escaping is needed. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-02-08html: make all strings 'const char *'Mark Lodato1-17/+17
None of the html_* functions modify their argument, so they can all be 'const char *' instead of a simple 'char *'. This removes the need to cast (or copy) when trying to print a const string. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2009-01-29html.c: use correct escaping in html attributesLars Hjemli1-2/+4
First, an apostrophe is not a quote. Second, we also need to escape quotes. And finally, quotes are encoded as '&quot;', not '&quote;'. Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
2008-10-05html.c: add html_url_pathLars Hjemli1-0/+16
This function can be used to generate properly escaped path-components for links. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-10-05html.c: add html_url_argLars Hjemli1-0/+16
This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Supply status description to html_status()Lars Hjemli1-2/+2
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Implement plain viewLars Hjemli1-0/+5
This implements a way to access plain blobs by path (similar to the tree view) instead of by sha1. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Add support for cloning over httpLars Hjemli1-0/+7
This patch implements basic support for cloning over http, based on the work on git-http-backend by Shawn O. Pearce. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-29Print an error if filename is not found in html_include.Harley Laue1-1/+5
Normally when html_include cannot open the file it fails silently and things can be a bit hard to figure out from just looking at apache's log. This will be beneficial for those initially setting up their server with cgit. Signed-off-by: Harley Laue <losinggeneration@aim.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-08Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring()Lars Hjemli1-0/+64
This is a generic http-function. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-03-18Introduce html.hLars Hjemli1-19/+12
All html-functions can be quite easily separated from the rest of cgit, so lets do it; the only issue was html_filemode which uses some git-defined macros so the function is moved into ui-shared.c::cgit_print_filemode(). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-23Fix segfaultHiroki Hattori1-15/+5
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-11-11Fix html error detected by test-suiteLars Hjemli1-1/+1
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-28Add html_option() functionLars Hjemli1-0/+12
This is a generic function used to output html "option" tags. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-06-04Rename dirlink to gitlink.Jeffrey C. Ollie1-1/+1
Git changed from dirlink to gitlink in 302b9282c9ddfcc704ca759bdc98c1d5f75eba2f. Signed-off-by: Jeffrey C. Ollie <jeff@ocjtech.us>
2007-05-18Add html_include()Lars Hjemli1-0/+14
This is a function used to include external htmlfiles in cgit- generated pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-11Add submodule links in tree listingLars Hjemli1-1/+2
When a submodule occurs in a tree, generate a link to show the module/commit. The link is specified as a sprintf string in /etc/cgitrc, using parameters 'module-link' and 'repo.module-link'. This should probably be extended with repo.module-link.$path. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-28Add generic support for search box in page headerLars Hjemli1-0/+10
This adds the ability to show a search box in any pageheader with correct href and hidden form data, but does not enable the box on any pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-28Test for NULL-pointers in html_txt() and friendsLars Hjemli1-4/+3
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-22Only show first 80 characters of commit subject in log and summaryLars Hjemli1-0/+28
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-17Show list of modified files in ui-commit.cLars Hjemli1-0/+20
Compare current commit with 1.parent, and for each affected file display current filemode, old filemode if changed, current filename and source filename if it was a copy/rename. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-10Add license file and copyright noticesLars Hjemli1-0/+8
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-10Add caching infrastructureLars Hjemli1-2/+4
This enables internal caching of page output. Page requests are split into four groups: 1) repo listing (front page) 2) repo summary 3) repo pages w/symbolic references in query string 4) repo pages w/constant sha1's in query string Each group has a TTL specified in minutes. When a page is requested, a cached filename is stat(2)'ed and st_mtime is compared to time(2). If TTL has expired (or the file didn't exist), the cached file is regenerated. When generating a cached file, locking is used to avoid parallell processing of the request. If multiple processes tries to aquire the same lock, the ones who fail to get the lock serves the (expired) cached file. If the cached file don't exist, the process instead calls sched_yield(2) before restarting the request processing. Signed-off-by: Lars Hjemli <hjemli@gmail.com>