From: "Shawn O. Pearce" <spearce@spearce.org>
To: David Symonds <dsymonds@gmail.com>
Cc: pasky@suse.cz, git@vger.kernel.org
Subject: Re: [PATCH] gitweb: Provide title attributes for abbreviated author names.
Date: Sat, 20 Oct 2007 23:25:33 -0400 [thread overview]
Message-ID: <20071021032533.GA30717@spearce.org> (raw)
In-Reply-To: <1192581277533-git-send-email-dsymonds@gmail.com>
Nice, but...
David Symonds <dsymonds@gmail.com> wrote:
> +++ b/gitweb/gitweb.perl
> @@ -3461,9 +3461,15 @@ sub git_shortlog_body {
> print "<tr class=\"light\">\n";
> }
> $alternate ^= 1;
> + my $author = chop_str($co{'author_name'}, 10);
> + if ($author ne $co{'author_name'}) {
> + $author = "<span title=\"$co{'author_name'}\">" . esc_html($author) . "</span>";
Doesn't this produce invalid HTML if $co{'author_name'} has a special
HTML character in it such as & or "? Note that " is much more likely
as it is often used for nicknames. The old code properly escaped
the author name, and indeed you are doing it for the abbreviated
version but not the full version.
This bug seemed to exist in almost all (if not all) of the hunks.
--
Shawn.
next prev parent reply other threads:[~2007-10-21 3:25 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-17 0:34 [PATCH] gitweb: Provide title attributes for abbreviated author names David Symonds
2007-10-21 3:25 ` Shawn O. Pearce [this message]
2007-10-21 4:29 ` David Symonds
-- strict thread matches above, loose matches on Subject: below --
2007-10-22 0:28 David Symonds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071021032533.GA30717@spearce.org \
--to=spearce@spearce.org \
--cc=dsymonds@gmail.com \
--cc=git@vger.kernel.org \
--cc=pasky@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).