cvsweb bug in 3.0.0
VilleSkyttä
scop at FreeBSD.org
Thu May 6 14:55:58 PDT 2004
On Thu, 2004-05-06 at 02:01, Brad Tofel wrote:
> need an &htmlquote() in a few places to protect HTML chars in the actual
> diff:
>
> Note that I've only tested 1 of these changed branches needed for my
> purposes, and probably missed another one or two needed, but it's easy to
> see the problem and the fix..
>
> Brad
>
> 3361c3361
> < printf(<<EOF, scalar(@$leftColRef[$j]));
> ---
> > printf(<<EOF, &htmlquote(scalar(@$leftColRef[$j])));
Right, this was a bug, the fix was already submitted by Mark A. Mankins
a couple of weeks ago and is now in CVS (using a bit different, and
AFAICS a more "correct" approach):
http://www.freebsd.org/cgi/cvsweb.cgi/projects/cvsweb/cvsweb.cgi.diff?r1=1.255&r2=1.256
> 3711c3711
> < printf(<<EOF, $_);
> ---
> > printf(<<EOF, &htmlquote($_));
> 3727c3727
> < printf(<<EOF, $_, $_);
> ---
> > printf(<<EOF, &htmlquote($_), &htmlquote($_));
These seem incorrect to me. If you had included a bit of context in the
patch (hint, hint :), both of the above printf()'s have this as their
preceding line:
$_ = spacedHtmlText($rest, $d{tabstop});
spacedHtmlText() expands tabs, fiddles with whitespace and htmlifies
stuff by calling htmlify(). And as the very first thing, htmlify() does
a htmlquote()... it also does htmlunquote() and a bunch of other hairy
things under certain circumstances though.
So, if there's a bug, I'd suspect htmlify(). Wrong or right, a test
case would be nice :) Your approach above would seem to break the
htmlification (ie. creating HTML links to various things) feature.
More information about the freebsd-cvsweb
mailing list