Changes On Branch ticket-5ff2043c96


Changes In Branch ticket-5ff2043c96 Excluding Merge-Ins

This is equivalent to a diff from 1858d202ef to 35bfedef3e

2012-11-08
13:46
Escape all characters in the href attributes of <a> elements that have special meaning to HTML. Ticket [5ff2043c96682049]. check-in: d5c4684508 user: drh tags: trunk
13:44
Always HTML-encode the href attribute of <a> elements. This check-in simplifies and fixes double-frees in the previous. Ticket [5ff2043c9668] Closed-Leaf check-in: 35bfedef3e user: drh tags: ticket-5ff2043c96
12:04
one more similar fix, in xhref(). There is only one hyperlink using xhref with ampersands, in the "vinfo" and "ci" pages, but just for completeness… check-in: e47d862a59 user: jan.nijtmans tags: ticket-5ff2043c96
09:45
suggested fix for [5ff2043c96] check-in: d1f16f718a user: jan.nijtmans tags: ticket-5ff2043c96
09:20
a few more minor html5 violations check-in: 1858d202ef user: jan.nijtmans tags: trunk
2012-11-07
11:28
Show an error message when trying to rename one file on top of another, rather than throwing a uniqueness constraint. Ticket [1e43138b8b8e90f] check-in: 14fdae7e40 user: drh tags: trunk

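--- a/src/style.c
+++ b/src/style.c
@@ -88,15 +88,17 @@
 char *xhref(const char *zExtra, const char *zFormat, ...){
   char *zUrl;
   va_list ap;
   va_start(ap, zFormat);
   zUrl = vmprintf(zFormat, ap);
   va_end(ap);
   if( g.perm.Hyperlink && !g.javascriptHyperlink ){
-    return mprintf("<a %s href=\"%z\">", zExtra, zUrl);
+    char *zHUrl = mprintf("<a %s href=\"%h\">", zExtra, zUrl);
+    fossil_free(zUrl);
+    return zHUrl;
   }
   if( nHref>=nHrefAlloc ){
     nHrefAlloc = nHrefAlloc*2 + 10;
     aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
   }
   aHref[nHref++] = zUrl;
   return mprintf("<a %s id=%d>", zExtra, nHref);
@@ -104,15 +106,17 @@
 char *href(const char *zFormat, ...){
   char *zUrl;
   va_list ap;
   va_start(ap, zFormat);
   zUrl = vmprintf(zFormat, ap);
   va_end(ap);
   if( g.perm.Hyperlink && !g.javascriptHyperlink ){
-    return mprintf("<a href=\"%z\">", zUrl);
+    char *zHUrl = mprintf("<a href=\"%h\">", zUrl);
+    fossil_free(zUrl);
+    return zHUrl;
   }
   if( nHref>=nHrefAlloc ){
     nHrefAlloc = nHrefAlloc*2 + 10;
     aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
   }
   aHref[nHref++] = zUrl;
   return mprintf("<a id=%d>", nHref);
@@ -276,15 +280,15 @@
     @ <div class="submenu">
     qsort(aSubmenu, nSubmenu, sizeof(aSubmenu[0]), submenuCompare);
     for(i=0; i<nSubmenu; i++){
       struct Submenu *p = &aSubmenu[i];
       if( p->zLink==0 ){
         @ <span class="label">%h(p->zLabel)</span>
       }else{
-        @ <a class="label" href="%s(p->zLink)">%h(p->zLabel)</a>
+        @ <a class="label" href="%h(p->zLink)">%h(p->zLabel)</a>
       }
     }
     @ </div>
   }
   style_ad_unit();
   @ <div class="content">
   cgi_destination(CGI_BODY);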
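Review bot: href() and xhref() now HTML-escape the generated URL themselves, but nothing at either definition tells callers to stop pre-escaping, so a format that still contains `&amp;` will be emitted as `&amp;amp;`. A header comment on both functions would pin the contract, for example `/* zFormat must expand to a raw URL; it is HTML-escaped here with %h, so callers must not pre-encode "&" or quotes. */`. Only the direct-hyperlink branch escapes; the `aHref[nHref++] = zUrl` branch stores the raw string and the code that emits it is outside these hunks, so it is worth confirming that it encodes for its own output context. The same caller contract applies to `%h(p->zLink)` in the third hunk: a submenu link registered with `&amp;` would now be double-escaped.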

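--- a/src/timeline.c
+++ b/src/timeline.c
@@ -371,15 +371,15 @@
     blob_reset(&comment);
 
     /* Generate the "user: USERNAME" at the end of the comment, together
     ** with a hyperlink to another timeline for that user.
     */
     if( zTagList && zTagList[0]==0 ) zTagList = 0;
     if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){
-      char *zLink = mprintf("%R/timeline?u=%h&amp;c=%t&amp;nd", zUser, zDate);
+      char *zLink = mprintf("%R/timeline?u=%h&c=%t&amp;nd", zUser, zDate);
       @ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051")
     }else{
       @ (user: %h(zUser)%s(zTagList?",":"\051")
     }
 
     /* Generate a "detail" link for tags. */
     if( (zType[0]=='g' || zType[0]=='w' || zType[0]=='t') && g.perm.Hyperlink ){
@@ -396,15 +396,15 @@
         Blob links;
         blob_zero(&links);
         while( z && z[0] ){
           for(i=0; z[i] && (z[i]!=',' || z[i+1]!=' '); i++){}
           if( zThisTag==0 || memcmp(z, zThisTag, i)!=0 || zThisTag[i]!=0 ){
             blob_appendf(&links,
                   "%z%#h</a>%.2s",
-                  href("%R/timeline?r=%#t&amp;nd&amp;c=%t",i,z,zDate), i,z, &z[i]
+                  href("%R/timeline?r=%#t&nd&c=%t",i,z,zDate), i,z, &z[i]
             );
           }else{
             blob_appendf(&links, "%#h", i+2, z);
           }
           if( z[i]==0 ) break;
           z += i+2;
         }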
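Review bot: The new zLink format on line 378 still ends in `&amp;nd` and still formats the user name with `%h`, so once href() applies `%h` to the whole URL the attribute will contain `&amp;amp;nd` and a doubly escaped user name. The browser would then send a parameter named `amp;nd` instead of `nd`, and a user name containing `&` or `<` would not round-trip. With href() owning the HTML escaping, the URL should be built raw with the value URL-encoded, assuming `%t` is the URL-encoding conversion as its use for `c=` suggests: `char *zLink = mprintf("%R/timeline?u=%t&c=%t&nd", zUser, zDate);`. The second hunk's `href("%R/timeline?r=%#t&nd&c=%t", ...)` already has that shape. The enclosing function starts and ends outside both hunks.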

Changes to src/url.c.

   350    350       if( zName2 && fossil_strcmp(zName2,p->azName[i])==0 ){
   351    351         zName2 = 0;
   352    352         z = zValue2;
   353    353         if( z==0 ) continue;
   354    354       }
   355    355       blob_appendf(&p->url, "%s%s", zSep, p->azName[i]);
   356    356       if( z && z[0] ) blob_appendf(&p->url, "=%T", z);
   357         -    zSep = "&amp;";
          357  +    zSep = "&";
   358    358     }
   359    359     if( zName1 && zValue1 ){
   360    360       blob_appendf(&p->url, "%s%s", zSep, zName1);
   361    361       if( zValue1[0] ) blob_appendf(&p->url, "=%T", zValue1);
   362    362     }
   363    363     if( zName2 && zValue2 ){
   364    364       blob_appendf(&p->url, "%s%s", zSep, zName2);