mirror of
https://git.zx2c4.com/cgit
synced 2024-11-29 11:56:21 +00:00
Properly escape ampersands inside HTML attributes
Ampersands ("&") appearing inside HTML attributes need to be translated to "&". Otherwise, invalid XHTML will be generated at various places, such as at tree views containing links to submodules. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
parent
ec79265f20
commit
69382320d9
4
html.c
4
html.c
@ -138,7 +138,7 @@ void html_attr(const char *txt)
|
|||||||
const char *t = txt;
|
const char *t = txt;
|
||||||
while(t && *t){
|
while(t && *t){
|
||||||
int c = *t;
|
int c = *t;
|
||||||
if (c=='<' || c=='>' || c=='\'' || c=='\"') {
|
if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') {
|
||||||
html_raw(txt, t - txt);
|
html_raw(txt, t - txt);
|
||||||
if (c=='>')
|
if (c=='>')
|
||||||
html(">");
|
html(">");
|
||||||
@ -148,6 +148,8 @@ void html_attr(const char *txt)
|
|||||||
html("'");
|
html("'");
|
||||||
else if (c=='"')
|
else if (c=='"')
|
||||||
html(""");
|
html(""");
|
||||||
|
else if (c=='&')
|
||||||
|
html("&");
|
||||||
txt = t+1;
|
txt = t+1;
|
||||||
}
|
}
|
||||||
t++;
|
t++;
|
||||||
|
Loading…
Reference in New Issue
Block a user