This adds the fmtalloc helper, html_txtf, html_vtxtf, and html_attrf.
These takes a printf style format string like htmlf but escapes the
resulting string. The html_vtxtf variant takes a va_list whereas
html_txtf is variadic.
Signed-off-by: John Keeping <john@keeping.me.uk>
While doing this, remove declarations from header files where the
corresponding definition is declared "static" in order to avoid build
errors.
Also re-order existing headers in ui-*.c so that the file-specific
header always comes immediately after "cgit.h", helping with future
consistency.
Signed-off-by: John Keeping <john@keeping.me.uk>
This squelches a gcc warning. It's also correct that we check to see if
there are any partial or failed writes. For now, we just print a warning
to stderr. In the future, perhaps it will prove wise to exit(1) on
partial writes.
* Remove whitespace at the end of lines.
* Replace space indentation by tabs.
* Add whitespace before/after several operators ("+", "-", "*", ...)
* Add whitespace to assignments ("foo = bar;").
* Fix whitespace in parameter lists ("foobar(foo, bar, 42)").
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
This fixes a segfault for me with with -O2 optimization on x86
with gcc (Debian 4.4.5-8) 4.4.5
I can reliably reproduce it with the following parameters
when pointed to the git.git repository:
PATH_INFO='/git-core.git/diff/'
QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8'
Signed-off-by: Eric Wong <normalperson@yhbt.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Ampersands ("&") appearing inside HTML attributes need to be translated
to "&". Otherwise, invalid XHTML will be generated at various
places, such as at tree views containing links to submodules.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When a query ends in say %gg, (or any invalid hex) e.g.,
http://git.gnome.org/browse/gdlmm/commit/?id=%gg
convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns
txt-1, so the loop in http_parse_querystring never terminates. The
solution is to make the memmove also copy the trailing NUL.
* html.c (convert_query_hexchar): Fix off-by-one error.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
To make the code more consistent, and to not rely on the implementation
of html(), always use html_raw(...) instead of write(htmlfd, ...).
Signed-off-by: Mark Lodato <lodatom@gmail.com>
The source and destination strings in strcpy() may not overlap.
Instead, use memmove(), which allows overlap. This fixes test t0104,
where 'url=foo%2bbar/tree' was being parsed improperly.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
The only valid characters for a URL are unreserved characters
a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per
RFC 3986. Everything else must be escaped. Additionally, the # and
? always have special meaning, and the &, =, and + have special meaning
in a query string, so they too must be escaped. To make this easier,
a table of escapes is now used so that we do not have to call fmt() for
each character; if the entry is 0, no escaping is needed.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
None of the html_* functions modify their argument, so they can all be
'const char *' instead of a simple 'char *'. This removes the need to
cast (or copy) when trying to print a const string.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
First, an apostrophe is not a quote. Second, we also need to escape
quotes. And finally, quotes are encoded as '"', not '"e;'.
Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
This patch implements basic support for cloning over http, based on the
work on git-http-backend by Shawn O. Pearce.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Normally when html_include cannot open the file it fails silently and
things can be a bit hard to figure out from just looking at apache's
log. This will be beneficial for those initially setting up their server
with cgit.
Signed-off-by: Harley Laue <losinggeneration@aim.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* lh/cleanup: (21 commits)
Reset ctx.repo to NULL when the config parser is finished
Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring()
Move function for configfile parsing into configfile.[ch]
Add cache.h
Remove global and obsolete cgit_cmd
Makefile: copy the QUIET constructs from the Makefile in git.git
Move cgit_version from shared.c to cgit.c
Makefile: autobuild dependency rules
Initial Makefile cleanup
Move non-generic functions from shared.c to cgit.c
Add ui-shared.h
Add separate header-files for each page/view
Refactor snapshot support
Add command dispatcher
Remove obsolete cacheitem parameter to ui-functions
Add struct cgit_page to cgit_context
Introduce html.h
Improve initialization of git directory
Move cgit_repo into cgit_context
Add all config variables into struct cgit_context
...
All html-functions can be quite easily separated from the rest of cgit, so
lets do it; the only issue was html_filemode which uses some git-defined
macros so the function is moved into ui-shared.c::cgit_print_filemode().
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When a submodule occurs in a tree, generate a link to show the
module/commit. The link is specified as a sprintf string in /etc/cgitrc,
using parameters 'module-link' and 'repo.module-link'. This should probably
be extended with repo.module-link.$path.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This adds the ability to show a search box in any pageheader with correct href and
hidden form data, but does not enable the box on any pages.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Compare current commit with 1.parent, and for each affected file display
current filemode, old filemode if changed, current filename and source
filename if it was a copy/rename.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This enables internal caching of page output.
Page requests are split into four groups:
1) repo listing (front page)
2) repo summary
3) repo pages w/symbolic references in query string
4) repo pages w/constant sha1's in query string
Each group has a TTL specified in minutes. When a page is requested, a cached
filename is stat(2)'ed and st_mtime is compared to time(2). If TTL has expired
(or the file didn't exist), the cached file is regenerated.
When generating a cached file, locking is used to avoid parallell processing
of the request. If multiple processes tries to aquire the same lock, the ones
who fail to get the lock serves the (expired) cached file. If the cached file
don't exist, the process instead calls sched_yield(2) before restarting the
request processing.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This enables basic cgit functionality, using libgit.a and xdiff/lib.a from
git + a custom "git.h" + openssl for sha1 routines.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>