aaoth.xyz repos — cgit: 69382320d96232ee8c73e664797da61e733c2427

Properly escape ampersands inside HTML attributes

Ampersands ("&") appearing inside HTML attributes need to be translated
to "&amp;". Otherwise, invalid XHTML will be generated at various
places, such as at tree views containing links to submodules.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

Lukas Fleischer cgit@cryptocrack.de

Tue, 24 May 2011 20:38:40 +0200

commit

69382320d96232ee8c73e664797da61e733c2427

parent

ec79265f2053e6dc20e0ec486719f5954d2be83d

1 files changed, 3 insertions(+), 1 deletions(-)

jump to

html.c

M html.c → html.c

@@ -138,7 +138,7 @@ {
 	const char *t = txt;
 	while(t && *t){
 		int c = *t;
-		if (c=='<' || c=='>' || c=='\'' || c=='\"') {
+		if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') {
 			html_raw(txt, t - txt);
 			if (c=='>')
 				html("&gt;");
@@ -148,6 +148,8 @@ else if (c=='\'')
 				html("&#x27;");
 			else if (c=='"')
 				html("&quot;");
+			else if (c=='&')
+				html("&amp;");
 			txt = t+1;
 		}
 		t++;

all repos — cgit @ 69382320d96232ee8c73e664797da61e733c2427

a hyperfast web frontend for git written in c