mirror of
https://git.zx2c4.com/cgit
synced 2024-11-25 18:08:41 +00:00
Fix potential XSS vulnerability in rename hint
The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This commit is contained in:
parent
1e25ac5b8f
commit
bebe89d7c1
10
ui-diff.c
10
ui-diff.c
@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info)
|
|||||||
htmlf("</td><td class='%s'>", class);
|
htmlf("</td><td class='%s'>", class);
|
||||||
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
|
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
|
||||||
ctx.qry.sha2, info->new_path, 0);
|
ctx.qry.sha2, info->new_path, 0);
|
||||||
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
|
if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
|
||||||
htmlf(" (%s from %s)",
|
htmlf(" (%s from ",
|
||||||
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
|
info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
|
||||||
info->old_path);
|
html_txt(info->old_path);
|
||||||
|
html(")");
|
||||||
|
}
|
||||||
html("</td><td class='right'>");
|
html("</td><td class='right'>");
|
||||||
if (info->binary) {
|
if (info->binary) {
|
||||||
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",
|
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",
|
||||||
|
Loading…
Reference in New Issue
Block a user