summaryrefslogtreecommitdiff
path: root/gitweb/gitweb.perl
AgeCommit message (Collapse)AuthorFilesLines
2010-12-18gitweb: Include links to feeds in HTML header only for '200 OK' responseLibravatar Jakub Narebski1-42/+47
To do that, generating "<link />"s to feeds were refactored into print_feed_meta() subroutine, to keep nesting (indent) level in git_header_html() low. This has also the advantage of making code more clear. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: John 'Warthog9' Hawley <warthog9@eaglescrag.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.3.4Libravatar Junio C Hamano1-17/+24
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.2.5Libravatar Junio C Hamano1-17/+24
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.1.4Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.0.9Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.6.6.3Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.6.5.9Libravatar Junio C Hamano1-16/+24
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15gitweb: Introduce esc_attr to escape attributes of HTML elementsLibravatar Jakub Narebski1-15/+22
It is needed only to escape attributes of handcrafted HTML elements, and not those generated using CGI.pm subroutines / methods for HTML generation. While at it, add esc_url and esc_html where needed, and prefer to use CGI.pm HTML generating methods than handcrafted HTML code. Most of those are probably unnecessary (could be exploited only by person with write access to gitweb config, or at least access to the repository). This fixes CVE-2010-3906 Reported-by: Emanuele Gentili <e.gentili@tigersecurity.it> Helped-by: John 'Warthog9' Hawley <warthog9@kernel.org> Helped-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-09-27perl: bump the required Perl version to 5.8 from 5.6.[21]Libravatar Ævar Arnfjörð Bjarmason1-0/+1
Formalize our dependency on perl 5.8, bumped from 5.6.[12]. We already used the three-arg form of open() which was introduced in 5.6.1, but t/t9700/test.pl explicitly depended on 5.6.2. However git-add--interactive.pl has been failing on the 5.6 line since it was introduced in v1.5.0-rc0~12^2~2 back in 2006 due to this open syntax: sub run_cmd_pipe { my $fh = undef; open($fh, '-|', @_) or die; return <$fh>; } Which when executed dies on "Can't use an undefined value as filehandle reference". Several of our tests also fail on 5.6 (even more when compiled with NO_PERL_MAKEMAKER=1): t2016-checkout-patch.sh t3904-stash-patch.sh t3701-add-interactive.sh t7105-reset-patch.sh t7501-commit.sh t9700-perl-git.sh Our code is bitrotting on 5.6 with no-one interested in fixing it, and pinning us to such an ancient release of Perl is keeping us from using useful features introduced in the 5.8 release. The 5.6 series is now over 10 years old, and the 5.6.2 maintenance release almost 7. 5.8 on the other hand is more than 8 years old. All the modern Unix-like operating systems have now upgraded to it or a later version, and 5.8 packages are available for old IRIX, AIX Solaris and Tru64 systems. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Acked-by: Tor Arntsen <tor@spacetec.no> Acked-by: Randal L. Schwartz <merlyn@stonehenge.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-31gitweb: Don't die_error in git_tag after already printing headersLibravatar Anders Kaseorg1-3/+3
This fixes an XML error when visiting a nonexistent tag (i.e. "../gitweb.cgi?p=git.git;a=tag;h=refs/tags/BADNAME"). Signed-off-by: Anders Kaseorg <andersk@mit.edu> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-22Merge branch 'maint'Libravatar Junio C Hamano1-6/+6
* maint: Typos in code comments, an error message, documentation
2010-08-22Typos in code comments, an error message, documentationLibravatar Ralf Wildenhues1-6/+6
Signed-off-by: Ralf Wildenhues <Ralf.Wildenhues@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-12Merge branch 'jn/maint-gitweb-dynconf'Libravatar Junio C Hamano1-4/+4
* jn/maint-gitweb-dynconf: gitweb: allow configurations that change with each request
2010-08-09Merge branch 'maint'Libravatar Junio C Hamano1-4/+5
* maint: gitweb: clarify search results page when no matching commit found Documentation: add a FILES section for show-ref Makefile: add missing dependency on http.h Makefile: add missing dependencies on url.h Documentation/git-log: Clarify --full-diff git-rebase: fix typo when parsing --force-rebase imap-send: Fix sprintf usage prune: allow --dry-run for -n and --verbose for -v notes: allow --dry-run for -n and --verbose for -v Document -B<n>[/<m>], -M<n> and -C<n> variants of -B, -M and -C Documentation: cite git-am from git-apply t7003: fix subdirectory-filter test Allow "check-ref-format --branch" from subdirectory check-ref-format: handle subcommands in separate functions pretty-options.txt: match --format's documentation with implementation.
2010-08-09gitweb: clarify search results page when no matching commit foundLibravatar Jonathan Nieder1-4/+5
When searching commits for a string that never occurs, the results page looks something like this: projects / foo.git / search \o/ summary | ... | tree [commit] search: [ kfjdkas ] [ ]re first ⋅ prev ⋅ next Merge branch 'maint' Foo: a demonstration project Without a list of hits to compare it to, the header describing the commit named by the hash parameter (usually HEAD) may itself look like a hit. Add some text (“No match.”) to replace the empty list of hits and avoid this confusion. While at it, remove some nearby dead code, left behind from a simplification a few years ago (v1.5.4-rc0~276^2~4, 2007-11-01). Noticed-by: Erick Mattos <erick.mattos@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-02gitweb: Fix typo in run() subroutineLibravatar Jakub Narebski1-1/+1
Run $post_dispatch_hook->() not $pre_dispatch_hook->() after each request. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-02gitweb: allow configurations that change with each requestLibravatar Jonathan Nieder1-4/+4
gitolite's contrib/gitweb/gitweb.conf includes: $ENV{GL_USER} = $cgi->remote_user || "gitweb"; which is useful for setups where a user has to be authenticated to access certain repos. Perhaps other typical configurations change per session in other ways, too. v1.7.2-rc2~6 (gitweb: Move evaluate_gitweb_config out of run_request, 2010-07-05) broke such configurations for a speedup, by loading the configuration once per FastCGI process. Probably in the end there should be a way to specify in the configuration whether a particular installation wants the speedup or the flexibility. But for now it is easier to just undo the relevant change. This partially reverts commit 869d58813b24c74e84c9388041eafcef40cb51e4. Reported-by: Julio Lajara <julio.lajara@alum.rpi.edu> Analysis-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-28gitweb: move highlight config out of guess_file_syntax()Libravatar Alejandro R. Sedeño1-24/+23
Move highlight config out of guess_file_syntax() so that it can be extended/overridden by system/user configuration. Signed-off-by: Alejandro R. Sedeño <asedeno@mit.edu> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-15Merge branch 'maint'Libravatar Junio C Hamano1-2/+1
* maint: Documentation: add submodule.* to the big configuration variable list gitmodules.5: url can be a relative path gitweb: fix esc_url
2010-07-15gitweb: fix esc_urlLibravatar Pavan Kumar Sunkara1-2/+1
Earlier, 452e225 (gitweb: fix esc_param, 2009-10-13) fixed CGI escaping rules used in esc_url. A very similar logic exists in esc_param and needs to be fixed the same way. Signed-off-by: Pavan Kumar Sunkara <pavan.sss1991@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-05gitweb: Move evaluate_gitweb_config out of run_requestLibravatar Jakub Narebski1-6/+11
Move evaluate_gitweb_config() and evaluate_git_version() out of run_request() to run(), making them not run one for each request. This changes how git behaves in FastCGI case. This change makes it impossible to have config which changes with request, but I don't think anyone relied on such (hidden action) behavior. While at it, reset timer and number of git commands at beginning of run_request() in new reset_timer() subroutine. This fixes case when gitweb was run using FastCGI interface: time is reported for request, and not for single run of gitweb script. This changes slightly behavior in non-FastCGI case: the number of git commands reported is 1 less (running `git --version` one per gitweb is not counted now). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-22Merge branch 'jn/gitweb-return-or-exit-cleanup'Libravatar Junio C Hamano1-0/+9
* jn/gitweb-return-or-exit-cleanup: gitweb: Return or exit after done serving request Conflicts: gitweb/gitweb.perl
2010-06-21Merge branch 'jn/gitweb-fastcgi'Libravatar Junio C Hamano1-152/+258
* jn/gitweb-fastcgi: gitweb: Run in FastCGI mode if gitweb script has .fcgi extension gitweb: Add support for FastCGI, using CGI::Fast gitweb: Put all per-connection code in run() subroutine
2010-06-14gitweb: Return or exit after done serving requestLibravatar Jakub Narebski1-1/+9
Check if there is a caller in top frame of gitweb, and either 'return' if gitweb code is wrapped in subroutine, or 'exit' if it is not. This should avoid gitweb.cgi: Subroutine git_SOMETHING redefined at gitweb.cgi line NNN warnings in error_log when running gitweb with mod_perl (using ModPerl::Registry handler) Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-13Merge branch 'jn/gitweb-syntax-highlight'Libravatar Junio C Hamano1-3/+76
* jn/gitweb-syntax-highlight: gitweb: Refactor syntax highlighting support gitweb: Syntax highlighting support
2010-06-13gitweb: Fix typo in hash key name in %opts in git_header_htmlLibravatar Jakub Narebski1-1/+1
The name of the key has to be the same in call site handle_errors_html and in called subroutine that uses it, i.e. git_header_html. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-11gitweb: Run in FastCGI mode if gitweb script has .fcgi extensionLibravatar Jakub Narebski1-8/+13
If the name of the script ($SCRIPT_NAME or $SCRIPT_FILENAME CGI environment variable, or __FILE__ literal) ends with '.fcgi' extension, run gitweb in FastCGI mode, as if it was run with '--fastcgi' / '--fcgi' option. This is intended for easy deploying gitweb using FastCGI interface. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-21Merge branch 'jn/gitweb-caching-prep'Libravatar Junio C Hamano1-19/+50
* jn/gitweb-caching-prep: gitweb: Move generating page title to separate subroutine gitweb: Add custom error handler using die_error gitweb: Use nonlocal jump instead of 'exit' in die_error gitweb: href(..., -path_info => 0|1) Export more test-related variables when running external tests
2010-05-21Merge branch 'jn/gitweb-our-squelch'Libravatar Junio C Hamano1-0/+3
* jn/gitweb-our-squelch: gitweb: Silence 'Variable VAR may be unavailable' warnings
2010-05-18gitweb: Use @diff_opts while using format-patchLibravatar Pavan Kumar Sunkara1-2/+2
Make git-format-patch (used by 'patch' and 'patches' views) use the same rename detection options that git-diff and git-diff-tree (used by 'commitdiff', 'blobdiff', etc.) use. Signed-off-by: Pavan Kumar Sunkara <pavan.sss1991@gmail.com> Acked-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Giuseppe Bilotta <giuseppe.bilotta@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-08gitweb: Add support for FastCGI, using CGI::FastLibravatar Sam Vilain1-2/+52
Former run() subroutine got renamed to run_request(). The new run() subroutine can run multiple requests at once if run as FastCGI script. To run gitweb as FastCGI script you must specify '--fastcgi' / '-f' command line option to gitweb, otherwise it runs as an ordinary CGI script. [jn: cherry picked from 56d7d436644ab296155a697552ea1345f2701620 in http://utsl.gen.nz/gitweb/?p=gitweb which was originally based on v264 (2326acfa95ac86a53804ca8eeeb482c2f9265e34) by Kay Sievers; updated to reflect current gitweb code] TODO: update 'gitweb/README' and/or 'gitweb/INSTALL' files. Signed-off-by: Sam Vilain <sam.vilain@catalyst.net.nz> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-08gitweb: Put all per-connection code in run() subroutineLibravatar Jakub Narebski1-153/+204
All code that is run per-connection (as opposed to those parts of gitweb code that can be run once) is put into appropriate subroutines: - evaluate_uri - evaluate_gitweb_config - evaluate_git_version (here only because $GIT can be set in config) - check_loadavg (as soon as possible; $git_version must be defined) - evaluate_query_params (counterpart to evaluate_path_info) - evaluate_and_validate_params - evaluate_git_dir (requires $project) - configure_gitweb_features (@snapshot_fmts, $git_avatar) - dispatch (includes setting default $action) The difference is best viewed with '-w', '--ignore-all-space' option, because of reindent caused by putting code in subroutines. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-03gitweb: Refactor syntax highlighting supportLibravatar Jakub Narebski1-53/+63
This refactoring (adding guess_file_syntax and run_highlighter subroutines) is meant to make it easier in the future to add support for other syntax highlighing solutions, or make it smarter by not re-running `git cat-file` second time. Instead of looping over list of regexps (keys of %highlight_type hash), make use of the fact that choosing syntax is based either on full basename (%highlight_basename), or on file extension (%highlight_ext). Add some basic test of syntax highlighting (with 'highlight' as prerequisite) to t/t9500-gitweb-standalone-no-errors.sh test. While at it make git_blob Perl style prettier. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-03gitweb: Syntax highlighting supportLibravatar Johannes Schindelin1-1/+64
It requires the 'highlight' program to do all the heavy-lifting. This is loosely based on Daniel Svensson's and Sham Chukoury's work in gitweb-xmms2.git (it cannot be cherry-picked, as gitweb-xmms2 first forked wildly, then not contributed back, and then went stale). [jn: cherry picked from bc1ed6aafd9ee4937559535c66c8bddf1864bec6 in http://repo.or.cz/w/git/dscho.git, with a few changes] Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Silence 'Variable VAR may be unavailable' warningsLibravatar Jakub Narebski1-0/+3
When $projects_list points to a directory, and git_get_projects_list scans this directory for repositories, there can be generated the following warnings (for persistent services like mod_perl or plackup): Variable "$project_maxdepth" may be unavailable at gitweb.cgi line 2443. Variable "$projectroot" may be unavailable at gitweb.cgi line 2451. Those are false positives; silence those warnings by explicitely declaring $project_maxdepth and $projectroot with 'our', as global variables, in anonymous subrotine passed to File::Find::find. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Move generating page title to separate subroutineLibravatar Jakub Narebski1-13/+19
get_page_title subroutine is currently used only in git_header_html. Nevertheless refactoring title generation allowed to reduce indent level. It would be used in more than one callsite in the patch adding caching activity indicator to gitweb. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Add custom error handler using die_errorLibravatar Jakub Narebski1-4/+23
Change the default message for errors (for fatalsToBrowser) to use die_error() subroutine. This way errors (and explicitely calling 'die MESSAGE') would generate 'Internal Server Error' error message. Note that call to set_message is intentionally not put in BEGIN block; we set error handler to use die_error() only after we are sure that we can use it, after all needed variables are set. Due to the fact that error handler set via set_message() subroutine from CGI::Carp (in the fatalsToBrowser case) is called after HTTP headers were already printed (with exception of MOD_PERL), gitweb cannot return 'Status: 500 Internal Server Error'. Thanks to the fact that die_error() no longer uses 'exit', errors would be logged by CGI::Carp, independent on whether default error handler is used, or handle_errors_html which uses die_error is used. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Use nonlocal jump instead of 'exit' in die_errorLibravatar Jakub Narebski1-2/+3
Use 'goto DONE' in place of 'exit' to end request processing in die_error() subroutine. While at it, do not end gitweb with 'exit'. This would make it easier in the future to add support or improve support for persistent environments such as FastCGI and mod_perl. It would also make it easier to make use of die_error() as an error handler (for fatalsToBrowser). Perl 5 allows non-local jumps; the restriction is that you cannot jump into a scope. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: href(..., -path_info => 0|1)Libravatar Jakub Narebski1-1/+6
If named boolean option -path_info is passed to href() subroutine, it would use its value to decide whether to generate path_info URL form. If this option is not passed, href() queries 'pathinfo' feature to check whether to generate path_info URL (if generating path_info link is possible at all). href(-replay=>1, -path_info=>0) is meant to be used to generate a key for caching gitweb output; alternate solution would be to use freeze() from Storable (core module) on %input_params hash (or its reference), e.g.: $key = freeze \%input_params; or other serialization of %input_params. While at it document extra options/flags to href(). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-31Sync with 1.7.0.4Libravatar Junio C Hamano1-2/+1
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-31gitweb: git_get_project_config requires only $git_dir, not also $projectLibravatar Jakub Narebski1-2/+1
Fix overeager early return in git_get_project_config, introduced in 9be3614 (gitweb: Fix project-specific feature override behavior, 2010-03-01). When git_get_project_config is called from projects list page via git_get_project_owner($path) etc., it is called with $git_dir defined (in git_get_project_owner($path) etc.), but $project variable is not defined. git_get_project_config doesn't use $project variable anyway. Reported-by: Tobias Heinlein <keytoaster@gentoo.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-04Merge branch 'jn/gitweb-config-error-die' into maintLibravatar Junio C Hamano1-3/+6
* jn/gitweb-config-error-die: gitweb: Die if there are parsing errors in config file
2010-03-02Merge branch 'maint'Libravatar Junio C Hamano1-1/+8
* maint: gitweb: Fix project-specific feature override behavior gitweb multiple project roots documentation
2010-03-02Merge branch 'jn/gitweb-config-error-die'Libravatar Junio C Hamano1-3/+6
* jn/gitweb-config-error-die: gitweb: Die if there are parsing errors in config file
2010-03-02gitweb: Fix project-specific feature override behaviorLibravatar Jakub Narebski1-1/+8
This commit fixes a bug in processing project-specific override in a situation when there is no project, e.g. for the projects list page. When 'snapshot' feature had project specific config override enabled by putting $feature{'snapshot'}{'override'} = 1; (or equivalent) in $GITWEB_CONFIG, and when viewing toplevel gitweb page, which means the projects list page (to be more exact this happens for any project-less action), gitweb would put the following Perl warnings in error log: gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2065. fatal: error processing config file(s) gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2221. gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2218. The problem is in the following fragment of code: # path to the current git repository our $git_dir; $git_dir = "$projectroot/$project" if $project; # list of supported snapshot formats our @snapshot_fmts = gitweb_get_feature('snapshot'); @snapshot_fmts = filter_snapshot_fmts(@snapshot_fmts); For the toplevel gitweb page, which is the list of projects, $project is not defined, therefore neither is $git_dir. gitweb_get_feature() subroutine calls git_get_project_config() if project specific override is turned on... but we don't have project here. Those errors mentioned above occur in the following fragment of code in git_get_project_config(): # get config if (!defined $config_file || $config_file ne "$git_dir/config") { %config = git_parse_project_config('gitweb'); $config_file = "$git_dir/config"; } git_parse_project_config() calls git_cmd() which has '--git-dir='.$git_dir There are (at least) three possible solutions: 1. Harden gitweb_get_feature() so that it doesn't call git_get_project_config() if $project (and therefore $git_dir) is not defined; there is no project for project specific config. 2. Harden git_get_project_config() like you did in your fix, returning early if $git_dir is not defined. 3. Harden git_cmd() so that it doesn't add "--git-dir=$git_dir" if $git_dir is not defined, and change git_get_project_config() so that it doesn't even try to access $git_dir if it is not defined. This commit implements both 1.) and 2.), i.e. gitweb_get_feature() doesn't call project-specific override if $git_dir is not defined (if there is no project), and git_get_project_config() returns early if $git_dir is not defined. Add a test for this bug to t/t9500-gitweb-standalone-no-errors.sh test. Reported-by: Eli Barzilay <eli@barzilay.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-17gitweb: Protect escaping functions against calling on undefLibravatar Jakub Narebski1-1/+8
This is a bit of future-proofing esc_html and friends: when called with undefined value they would now would return undef... which would probably mean that error would still occur, but closer to the source of problem. This means that we can safely use esc_html(shift) || "Internal Server Error" in die_error() instead of esc_html(shift || "Internal Server Error") Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-17gitweb: esc_html (short) error message in die_errorLibravatar Jakub Narebski1-2/+2
The error message (second argument to die_error) is meant to be short, one-line text description of given error. A few callers call die_error with error message containing unescaped user supplied data ($hash, $file_name). Instead of forcing callers to escape data, simply call esc_html on the parameter. Note that optional third parameter, which contains detailed error description, is meant to be HTML formatted, and therefore should be not escaped. While at it update esc_html synopsis/usage, and bring default error description to read 'Internal Server Error' (titlecased). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-14gitweb: Die if there are parsing errors in config fileLibravatar Jakub Narebski1-3/+6
Otherwise the errors can propagate, and show in damnest places, and you would spend your time chasing ghosts instead of debugging real problem (yes, it is from personal experience). This follows (parts of) advice in `perldoc -f do` documentation. This required restructoring code a bit, so we die only if we are reading (executing) config file. As a side effect $GITWEB_CONFIG_SYSTEM is always available, even when we use $GITWEB_CONFIG. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-03gitweb: Simplify (and fix) chop_strLibravatar John 'Warthog9' Hawley1-4/+0
The chop_str subroutine is meant to be used on strings (such as commit description / title) *before* HTML escaping, which means before applying esc_html or equivalent. Therefore get rid of the failed attempt to always remove full HTML entities (like e.g. &amp; or &nbsp;). It is not necessary (HTML entities gets added later), and it can cause chop_str to chop a string incorrectly. Specifically: API & protocol: support option to force written data immediately to disk from http://git.kernel.org/?p=daemon/distsrv/chunkd.git;a=commit;h=3b02f749df2cb1288f345a689d85e7061f507e54 The short version of the title gets chopped to API ... where it should be API & protocol: support option to force written data... Noticed-by: John 'Warthog9' Hawley <warthog9@kernel.org> Signed-off-by: John 'Warthog9' Hawley <warthog9@kernel.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-30gitweb: Add optional extra parameter to die_error, for extended explanationLibravatar John 'Warthog9' Hawley1-1/+7
Add a 3rd, optional, parameter to die_error to allow for extended error information to be output along with what the error was. Signed-off-by: John 'Warthog9' Hawley <warthog9@kernel.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>