[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Gnatsweb: HTML escape patch

From: Yngve Svendsen
Subject: Gnatsweb: HTML escape patch
Date: Wed, 21 Mar 2001 23:41:13 +0100

This patch fixes a bug in Gnatsweb where the synopses of PRs aren't properly escaped before being printed to the query results page. This creates problems when a synopsis contains < and/or > characters. It is against the latest CVS version of Gnatsweb 3.95.

This fixes <>

Gerald: I hope this applies without the problems you encountered with the last patch from me.

- Yngve (display_query_results): Apply escapeHTML to $fieldcontents before printing.

RCS file: /cvs/gnats/gnats/contrib/gnatsweb/,v
retrieving revision 2.27
diff -u -p -r2.27
--- 2001/03/21 09:09:27     2.27
+++ 2001/03/21 22:21:54
@@ -1816,6 +1816,7 @@ sub display_query_results
        my $enumvals = fieldinfo($ufields[$whichfield], 'values');
        $fieldcontents = $$enumvals[$fieldcontents - 1] || 'invalid';
+      $fieldcontents = $q->escapeHTML($fieldcontents);
       print "<td nowrap>$fieldcontents";

reply via email to

[Prev in Thread] Current Thread [Next in Thread]