Fossil SCM
Escape all characters in the href attributes of <a> elements that have special meaning to HTML. Ticket [5ff2043c96682049].
Commit
d5c46845080ed03fbcf73746a49493cb13ce0014
Parent
1858d202ef890e5…
3 files changed
+7
-3
+2
-2
+1
-1
+7
-3
| --- src/style.c | ||
| +++ src/style.c | ||
| @@ -90,11 +90,13 @@ | ||
| 90 | 90 | va_list ap; |
| 91 | 91 | va_start(ap, zFormat); |
| 92 | 92 | zUrl = vmprintf(zFormat, ap); |
| 93 | 93 | va_end(ap); |
| 94 | 94 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 95 | - return mprintf("<a %s href=\"%z\">", zExtra, zUrl); | |
| 95 | + char *zHUrl = mprintf("<a %s href=\"%h\">", zExtra, zUrl); | |
| 96 | + fossil_free(zUrl); | |
| 97 | + return zHUrl; | |
| 96 | 98 | } |
| 97 | 99 | if( nHref>=nHrefAlloc ){ |
| 98 | 100 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 99 | 101 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 100 | 102 | } |
| @@ -106,11 +108,13 @@ | ||
| 106 | 108 | va_list ap; |
| 107 | 109 | va_start(ap, zFormat); |
| 108 | 110 | zUrl = vmprintf(zFormat, ap); |
| 109 | 111 | va_end(ap); |
| 110 | 112 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 111 | - return mprintf("<a href=\"%z\">", zUrl); | |
| 113 | + char *zHUrl = mprintf("<a href=\"%h\">", zUrl); | |
| 114 | + fossil_free(zUrl); | |
| 115 | + return zHUrl; | |
| 112 | 116 | } |
| 113 | 117 | if( nHref>=nHrefAlloc ){ |
| 114 | 118 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 115 | 119 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 116 | 120 | } |
| @@ -278,11 +282,11 @@ | ||
| 278 | 282 | for(i=0; i<nSubmenu; i++){ |
| 279 | 283 | struct Submenu *p = &aSubmenu[i]; |
| 280 | 284 | if( p->zLink==0 ){ |
| 281 | 285 | @ <span class="label">%h(p->zLabel)</span> |
| 282 | 286 | }else{ |
| 283 | - @ <a class="label" href="%s(p->zLink)">%h(p->zLabel)</a> | |
| 287 | + @ <a class="label" href="%h(p->zLink)">%h(p->zLabel)</a> | |
| 284 | 288 | } |
| 285 | 289 | } |
| 286 | 290 | @ </div> |
| 287 | 291 | } |
| 288 | 292 | style_ad_unit(); |
| 289 | 293 |
| --- src/style.c | |
| +++ src/style.c | |
| @@ -90,11 +90,13 @@ | |
| 90 | va_list ap; |
| 91 | va_start(ap, zFormat); |
| 92 | zUrl = vmprintf(zFormat, ap); |
| 93 | va_end(ap); |
| 94 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 95 | return mprintf("<a %s href=\"%z\">", zExtra, zUrl); |
| 96 | } |
| 97 | if( nHref>=nHrefAlloc ){ |
| 98 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 99 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 100 | } |
| @@ -106,11 +108,13 @@ | |
| 106 | va_list ap; |
| 107 | va_start(ap, zFormat); |
| 108 | zUrl = vmprintf(zFormat, ap); |
| 109 | va_end(ap); |
| 110 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 111 | return mprintf("<a href=\"%z\">", zUrl); |
| 112 | } |
| 113 | if( nHref>=nHrefAlloc ){ |
| 114 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 115 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 116 | } |
| @@ -278,11 +282,11 @@ | |
| 278 | for(i=0; i<nSubmenu; i++){ |
| 279 | struct Submenu *p = &aSubmenu[i]; |
| 280 | if( p->zLink==0 ){ |
| 281 | @ <span class="label">%h(p->zLabel)</span> |
| 282 | }else{ |
| 283 | @ <a class="label" href="%s(p->zLink)">%h(p->zLabel)</a> |
| 284 | } |
| 285 | } |
| 286 | @ </div> |
| 287 | } |
| 288 | style_ad_unit(); |
| 289 |
| --- src/style.c | |
| +++ src/style.c | |
| @@ -90,11 +90,13 @@ | |
| 90 | va_list ap; |
| 91 | va_start(ap, zFormat); |
| 92 | zUrl = vmprintf(zFormat, ap); |
| 93 | va_end(ap); |
| 94 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 95 | char *zHUrl = mprintf("<a %s href=\"%h\">", zExtra, zUrl); |
| 96 | fossil_free(zUrl); |
| 97 | return zHUrl; |
| 98 | } |
| 99 | if( nHref>=nHrefAlloc ){ |
| 100 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 101 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 102 | } |
| @@ -106,11 +108,13 @@ | |
| 108 | va_list ap; |
| 109 | va_start(ap, zFormat); |
| 110 | zUrl = vmprintf(zFormat, ap); |
| 111 | va_end(ap); |
| 112 | if( g.perm.Hyperlink && !g.javascriptHyperlink ){ |
| 113 | char *zHUrl = mprintf("<a href=\"%h\">", zUrl); |
| 114 | fossil_free(zUrl); |
| 115 | return zHUrl; |
| 116 | } |
| 117 | if( nHref>=nHrefAlloc ){ |
| 118 | nHrefAlloc = nHrefAlloc*2 + 10; |
| 119 | aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0])); |
| 120 | } |
| @@ -278,11 +282,11 @@ | |
| 282 | for(i=0; i<nSubmenu; i++){ |
| 283 | struct Submenu *p = &aSubmenu[i]; |
| 284 | if( p->zLink==0 ){ |
| 285 | @ <span class="label">%h(p->zLabel)</span> |
| 286 | }else{ |
| 287 | @ <a class="label" href="%h(p->zLink)">%h(p->zLabel)</a> |
| 288 | } |
| 289 | } |
| 290 | @ </div> |
| 291 | } |
| 292 | style_ad_unit(); |
| 293 |
+2
-2
| --- src/timeline.c | ||
| +++ src/timeline.c | ||
| @@ -373,11 +373,11 @@ | ||
| 373 | 373 | /* Generate the "user: USERNAME" at the end of the comment, together |
| 374 | 374 | ** with a hyperlink to another timeline for that user. |
| 375 | 375 | */ |
| 376 | 376 | if( zTagList && zTagList[0]==0 ) zTagList = 0; |
| 377 | 377 | if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){ |
| 378 | - char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate); | |
| 378 | + char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate); | |
| 379 | 379 | @ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051") |
| 380 | 380 | }else{ |
| 381 | 381 | @ (user: %h(zUser)%s(zTagList?",":"\051") |
| 382 | 382 | } |
| 383 | 383 | |
| @@ -398,11 +398,11 @@ | ||
| 398 | 398 | while( z && z[0] ){ |
| 399 | 399 | for(i=0; z[i] && (z[i]!=',' || z[i+1]!=' '); i++){} |
| 400 | 400 | if( zThisTag==0 || memcmp(z, zThisTag, i)!=0 || zThisTag[i]!=0 ){ |
| 401 | 401 | blob_appendf(&links, |
| 402 | 402 | "%z%#h</a>%.2s", |
| 403 | - href("%R/timeline?r=%#t&nd&c=%t",i,z,zDate), i,z, &z[i] | |
| 403 | + href("%R/timeline?r=%#t&nd&c=%t",i,z,zDate), i,z, &z[i] | |
| 404 | 404 | ); |
| 405 | 405 | }else{ |
| 406 | 406 | blob_appendf(&links, "%#h", i+2, z); |
| 407 | 407 | } |
| 408 | 408 | if( z[i]==0 ) break; |
| 409 | 409 |
| --- src/timeline.c | |
| +++ src/timeline.c | |
| @@ -373,11 +373,11 @@ | |
| 373 | /* Generate the "user: USERNAME" at the end of the comment, together |
| 374 | ** with a hyperlink to another timeline for that user. |
| 375 | */ |
| 376 | if( zTagList && zTagList[0]==0 ) zTagList = 0; |
| 377 | if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){ |
| 378 | char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate); |
| 379 | @ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051") |
| 380 | }else{ |
| 381 | @ (user: %h(zUser)%s(zTagList?",":"\051") |
| 382 | } |
| 383 | |
| @@ -398,11 +398,11 @@ | |
| 398 | while( z && z[0] ){ |
| 399 | for(i=0; z[i] && (z[i]!=',' || z[i+1]!=' '); i++){} |
| 400 | if( zThisTag==0 || memcmp(z, zThisTag, i)!=0 || zThisTag[i]!=0 ){ |
| 401 | blob_appendf(&links, |
| 402 | "%z%#h</a>%.2s", |
| 403 | href("%R/timeline?r=%#t&nd&c=%t",i,z,zDate), i,z, &z[i] |
| 404 | ); |
| 405 | }else{ |
| 406 | blob_appendf(&links, "%#h", i+2, z); |
| 407 | } |
| 408 | if( z[i]==0 ) break; |
| 409 |
| --- src/timeline.c | |
| +++ src/timeline.c | |
| @@ -373,11 +373,11 @@ | |
| 373 | /* Generate the "user: USERNAME" at the end of the comment, together |
| 374 | ** with a hyperlink to another timeline for that user. |
| 375 | */ |
| 376 | if( zTagList && zTagList[0]==0 ) zTagList = 0; |
| 377 | if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){ |
| 378 | char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate); |
| 379 | @ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051") |
| 380 | }else{ |
| 381 | @ (user: %h(zUser)%s(zTagList?",":"\051") |
| 382 | } |
| 383 | |
| @@ -398,11 +398,11 @@ | |
| 398 | while( z && z[0] ){ |
| 399 | for(i=0; z[i] && (z[i]!=',' || z[i+1]!=' '); i++){} |
| 400 | if( zThisTag==0 || memcmp(z, zThisTag, i)!=0 || zThisTag[i]!=0 ){ |
| 401 | blob_appendf(&links, |
| 402 | "%z%#h</a>%.2s", |
| 403 | href("%R/timeline?r=%#t&nd&c=%t",i,z,zDate), i,z, &z[i] |
| 404 | ); |
| 405 | }else{ |
| 406 | blob_appendf(&links, "%#h", i+2, z); |
| 407 | } |
| 408 | if( z[i]==0 ) break; |
| 409 |
+1
-1
| --- src/url.c | ||
| +++ src/url.c | ||
| @@ -352,11 +352,11 @@ | ||
| 352 | 352 | z = zValue2; |
| 353 | 353 | if( z==0 ) continue; |
| 354 | 354 | } |
| 355 | 355 | blob_appendf(&p->url, "%s%s", zSep, p->azName[i]); |
| 356 | 356 | if( z && z[0] ) blob_appendf(&p->url, "=%T", z); |
| 357 | - zSep = "&"; | |
| 357 | + zSep = "&"; | |
| 358 | 358 | } |
| 359 | 359 | if( zName1 && zValue1 ){ |
| 360 | 360 | blob_appendf(&p->url, "%s%s", zSep, zName1); |
| 361 | 361 | if( zValue1[0] ) blob_appendf(&p->url, "=%T", zValue1); |
| 362 | 362 | } |
| 363 | 363 |
| --- src/url.c | |
| +++ src/url.c | |
| @@ -352,11 +352,11 @@ | |
| 352 | z = zValue2; |
| 353 | if( z==0 ) continue; |
| 354 | } |
| 355 | blob_appendf(&p->url, "%s%s", zSep, p->azName[i]); |
| 356 | if( z && z[0] ) blob_appendf(&p->url, "=%T", z); |
| 357 | zSep = "&"; |
| 358 | } |
| 359 | if( zName1 && zValue1 ){ |
| 360 | blob_appendf(&p->url, "%s%s", zSep, zName1); |
| 361 | if( zValue1[0] ) blob_appendf(&p->url, "=%T", zValue1); |
| 362 | } |
| 363 |
| --- src/url.c | |
| +++ src/url.c | |
| @@ -352,11 +352,11 @@ | |
| 352 | z = zValue2; |
| 353 | if( z==0 ) continue; |
| 354 | } |
| 355 | blob_appendf(&p->url, "%s%s", zSep, p->azName[i]); |
| 356 | if( z && z[0] ) blob_appendf(&p->url, "=%T", z); |
| 357 | zSep = "&"; |
| 358 | } |
| 359 | if( zName1 && zValue1 ){ |
| 360 | blob_appendf(&p->url, "%s%s", zSep, zName1); |
| 361 | if( zValue1[0] ) blob_appendf(&p->url, "=%T", zValue1); |
| 362 | } |
| 363 |