summaryrefslogtreecommitdiff
path: root/gitweb
AgeCommit message (Collapse)AuthorFilesLines
2019-12-01Merge branch 'jk/gitweb-anti-xss'Libravatar Junio C Hamano1-14/+17
Some codepaths in "gitweb" that forgot to escape URLs generated based on end-user input have been corrected. * jk/gitweb-anti-xss: gitweb: escape URLs generated by href() t/gitweb-lib.sh: set $REQUEST_URI t/gitweb-lib.sh: drop confusing quotes t9502: pass along all arguments in xss helper
2019-12-01Merge branch 'en/doc-typofix'Libravatar Junio C Hamano1-9/+9
Docfix. * en/doc-typofix: Fix spelling errors in no-longer-updated-from-upstream modules multimail: fix a few simple spelling errors sha1dc: fix trivial comment spelling error Fix spelling errors in test commands Fix spelling errors in messages shown to users Fix spelling errors in names of tests Fix spelling errors in comments of testcases Fix spelling errors in code comments Fix spelling errors in documentation outside of Documentation/ Documentation: fix a bunch of typos, both old and new
2019-11-18gitweb: escape URLs generated by href()Libravatar Jeff King1-14/+17
There's a cross-site scripting problem in gitweb, where it will print URLs generated by its href() helper without further quoting. This allows an attacker to point a victim to a specially crafted gitweb URL and inject arbitrary HTML into the resulting page (which the victim sees as coming from gitweb). The base of the URL comes from evaluate_uri(), which pulls the value of $REQUEST_URI via the CGI module. It tries to strip off $PATH_INFO, but fails to do so in some cases (including ones that contain special characters, like "+"). Most of the uses of the URL end up being passed to "$cgi->a(-href = href())", which will get quoted properly by the CGI module. But in a few places, we output them ourselves as part of manually-generated HTML, and whatever was in the original URL will appear unquoted in the output. Given that all of the nearby variables placed into this manual HTML _are_ quoted, it seems like the authors assumed that these URLs would not need quoting. So it's possible that the bug is actually in evaluate_uri(), which should be doing a more careful job of stripping $PATH_INFO. There's some discussion in a comment in that function, as well as the commit message in 81d3fe9f48 (gitweb: fix wrong base URL when non-root DirectoryIndex, 2009-02-15). But I'm not sure I understand it. Regardless, it's a good idea to quote these values at the point of insertion into the HTML output: 1. Even if there is a bug in evaluate_uri(), this would give us belt-and-suspenders protection. 2. evaluate_uri() is only handling the base. Some generated URLs will also mention arbitrary refs or filenames in the repositories, and these should be quoted anyway. 3. It should never _hurt_ to quote (and that's what all of the $cgi->a() calls are doing already). So there may be further work here, but this patch at least prevents the XSS vulnerability, and shouldn't make anything worse. The test here covers the calls in print_feed_meta(), but I manually audited every call to href() to see how its output was used, and quoted appropriately. Most of them are esc_attr(), as they're used in tag attributes, but I used esc_html() when the URLs were printed bare. The distinction is largely academic, as one is implemented as a wrapper for the other. Reported-by: NAKAYAMA DAISUKE <nakyamad@icloud.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-11-10Fix spelling errors in code commentsLibravatar Elijah Newren1-9/+9
Reported-by: Jens Schleusener <Jens.Schleusener@fossies.org> Signed-off-by: Elijah Newren <newren@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-10-28gitweb: correctly store previous rev in javascript-actions modeLibravatar Robert Luberda1-1/+1
Without this change, the setting $feature{'javascript-actions'}{'default'} = [1]; in gitweb.conf breaks gitweb's blame page: clicking on line numbers displayed in the second column on the page has no effect. For comparison, with javascript-actions disabled, clicking on line numbers loads the previous version of the line. Addresses https://bugs.debian.org/741883. Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Robert Luberda <robert@debian.org> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-04-01gitweb: make hash size independentLibravatar brian m. carlson1-30/+67
Gitweb has several hard-coded 40 values throughout it to check for values that are passed in or acquired from Git. To simplify the code, introduce a regex variable that matches either exactly 40 or exactly 64 hex characters, and use this variable anywhere we would have previously hard-coded a 40 in a regex. Add some helper functions which allow us to write tighter regexes that match exactly the number of hex characters we're expecting. Similarly, switch the code that looks for deleted diffinfo information to look for either 40 or 64 zeros, and update one piece of code to use this function. Finally, when formatting a log line, allow an abbreviated describe output to contain up to 64 characters. Helped-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2018-03-05gitweb: hard-depend on the Digest::MD5 5.8 moduleLibravatar Ævar Arnfjörð Bjarmason2-15/+5
Since my d48b284183 ("perl: bump the required Perl version to 5.8 from 5.6.[21]", 2010-09-24), we've depended on 5.8, so there's no reason to conditionally require Digest::MD5 anymore. It was released with perl v5.7.3[1] The initial introduction of the dependency in e9fdd74e53 ("gitweb: (gr)avatar support", 2009-06-30) says as much, this also undoes part of the later 2e9c8789b7 ("gitweb: Mention optional Perl modules in INSTALL", 2011-02-04) since gitweb will always be run on at least 5.8, so there's no need to mention Digest::MD5 as a required module in the documentation, let's instead say that we require perl 5.8. 1. $ corelist Digest::MD5 Data for 2015-02-14 Digest::MD5 was first released with perl v5.7.3 Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-11-06Merge branch 'gc/gitweb-filetest-acl'Libravatar Junio C Hamano1-0/+2
"gitweb" checks if a directory is searchable with Perl's "-x" operator, which can be enhanced by using "filetest 'access'" pragma, which now we do. * gc/gitweb-filetest-acl: gitweb: use filetest to allow ACLs
2017-10-24gitweb: use filetest to allow ACLsLibravatar Guillaume Castagnino1-0/+2
In commit 46a1385 (gitweb: skip unreadable subdirectories, 2017-07-18) we forgot to handle non-unix ACLs as well. Fix this. Signed-off-by: Guillaume Castagnino <casta@xwing.info> Reviewed-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-08-26Merge branch 'js/gitweb-raw-blob-link-in-history'Libravatar Junio C Hamano1-0/+3
"gitweb" shows a link to visit the 'raw' contents of blbos in the history overview page. * js/gitweb-raw-blob-link-in-history: gitweb: add 'raw' blob_plain link in history overview
2017-08-23Merge branch 'hb/gitweb-project-list' into maintLibravatar Junio C Hamano1-0/+2
When a directory is not readable, "gitweb" fails to build the project list. Work this around by skipping such a directory. It might end up hiding a problem under the rug and a better solution might be to loudly complain to the administrator pointing out the problematic directory, but this will at least make it "work". * hb/gitweb-project-list: gitweb: skip unreadable subdirectories
2017-08-22gitweb: add 'raw' blob_plain link in history overviewLibravatar Job Snijders1-0/+3
For people that work with very large plain text files it may be easier if one can bypass viewing the htmlized blob and instead click directly to the raw file (rather then click through 'blob' and then to 'raw'). Signed-off-by: Job Snijders <job@instituut.net> Reviewed-by: Giuseppe Bilotta <giuseppe.bilotta@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-08-11Merge branch 'hb/gitweb-project-list'Libravatar Junio C Hamano1-0/+2
When a directory is not readable, "gitweb" fails to build the project list. Work this around by skipping such a directory. * hb/gitweb-project-list: gitweb: skip unreadable subdirectories
2017-07-18gitweb: skip unreadable subdirectoriesLibravatar Hielke Christian Braun1-0/+2
gitweb terminates and shows no project list, if it can not access a sub-directory in the project root directory while looking for projects to show. Work it around by skipping unreadable directories. Signed-off-by: Hielke Christian Braun <hcb@unco.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-06-27Spelling fixesLibravatar Ville Skyttä1-2/+2
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-05-15doc: use https links to Wikipedia to avoid http redirectsLibravatar Sven Strickroth1-1/+1
Signed-off-by: Sven Strickroth <email@cs-ware.de> Reviewed-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-10-26Merge branch 'ab/gitweb-abbrev-links'Libravatar Junio C Hamano1-3/+17
In addition to purely abbreviated commit object names, "gitweb" learned to turn "git describe" output (e.g. v2.9.3-599-g2376d31787) into clickable links in its output. * ab/gitweb-abbrev-links: gitweb: link to "git describe"'d commits in log messages gitweb: link to 7-char+ SHA-1s, not only 8-char+ gitweb: fix a typo in a comment
2016-10-14gitweb: link to "git describe"'d commits in log messagesLibravatar Ævar Arnfjörð Bjarmason1-2/+16
Change the log formatting function to know about "git describe" output such as "v2.8.0-4-g867ad08", in addition to just plain "867ad08". There are still many valid refnames that we don't link to e.g. v2.10.0-rc1~2^2~1 is also a valid way to refer to v2.8.0-4-g867ad08, but I'm not supporting that with this commit, similarly it's trivially possible to create some refnames like "æ/var-gf6727b0" or which won't be picked up by this regex. There's surely room for improvement here, but I just wanted to address the very common case of sticking "git describe" output into commit messages without trying to link to all possible refnames, that's going to be a rather futile exercise given that this is free text, and it would be prohibitively expensive to look up whether the references in question exist in our repository. There was on-list discussion about how we could do better than this patch. Junio suggested to update parse_commits() to call a new "gitweb--helper" command which would pass each of the revision candidates through "rev-parse --verify --quiet". That would cut down on our false positives (e.g. we'll link to "deadbeef"), and also allow us to be more aggressive in selecting candidate revisions. That may be too expensive to work in practice, or it may not. Investigating that would be a good follow-up to this patch. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-10-14gitweb: link to 7-char+ SHA-1s, not only 8-char+Libravatar Ævar Arnfjörð Bjarmason1-1/+1
Change the minimum length of an abbreviated object identifier in the commit message gitweb tries to turn into link from 8 hexchars to 7. This arbitrary minimum length of 8 was introduced in bfe2191 ("gitweb: SHA-1 in commit log message links to "object" view", 2006-12-10), but the default abbreviation length is 7, and has been for a long time. It's still possible to reference SHA-1s down to 4 characters in length, see v1.7.4-1-gdce9648's MINIMUM_ABBREV, but I can't see how to make git actually produce that, so I doubt anyone is putting that into log messages in practice, but people definitely do put 7 character SHA-1s into log messages. I think it's fairly dubious to link to things matching [0-9a-fA-F] here as opposed to just [0-9a-f], that dates back to the initial version of gitweb from 161332a ("first working version", 2005-08-07). Git will accept all-caps SHA-1s, but didn't ever produce them as far as I can tell. Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-10-14gitweb: fix a typo in a commentLibravatar Ævar Arnfjörð Bjarmason1-1/+1
Change a typo'd MIME type in a comment. The Content-Type is application/xhtml+xml, not application/xhtm+xml. Fixes up code originally added in 53c4031 ("gitweb: Strip non-printable characters from syntax highlighter output", 2011-09-16). Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-09-25gitweb: use highlight's shebang detectionLibravatar Ian Kelling1-5/+5
The "highlight" binary can, in some cases, determine the language type by the means of file contents, for example the shebang in the first line for some scripting languages. Make use of this autodetection for files which syntax is not known by gitweb. In that case, pass the blob contents to "highlight --force"; the parameter is needed to make it always generate HTML output (which includes HTML-escaping). Although we now run highlight on files which do not end up highlighted, performance is virtually unaffected because when we call highlight, it is used for escaping HTML. In the case that highlight is used, gitweb calls sanitize() instead of esc_html(), and the latter is significantly slower (it does more, being roughly a superset of sanitize()). Simple benchmark comparing performance of 'blob' view of files without syntax highlighting in gitweb before and after this change indicates ±1% difference in request time for all file types. Benchmark was performed on local instance on Debian, using Apache/2.4.23 web server and CGI. Document the feature and improve syntax highlight documentation, add test to ensure gitweb doesn't crash when language detection is used. Signed-off-by: Ian Kelling <ian@iankelling.org> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-09-25gitweb: remove unused guess_file_syntax() parameterLibravatar Ian Kelling1-2/+2
Signed-off-by: Ian Kelling <ian@iankelling.org> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-08-01gitweb: escape link body in format_ref_markerLibravatar Andreas Brauchli1-1/+1
Fix a case where an html link can be generated from unescaped input resulting in invalid strict xhtml or potentially injected code. An overview of a repo with a tag "1.0.0&0.0.1" would previously result in an unescaped ampersand in the link body. Signed-off-by: Andreas Brauchli <a.brauchli@elementarea.net> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-05-18Merge branch 'sk/gitweb-highlight-encoding' into HEADLibravatar Junio C Hamano1-0/+3
Some multi-byte encoding can have a backslash byte as a later part of one letter, which would confuse "highlight" filter used in gitweb. * sk/gitweb-highlight-encoding: gitweb: apply fallback encoding before highlight
2016-05-03gitweb: apply fallback encoding before highlightLibravatar Shin Kojima1-0/+3
Some multi-byte character encodings (such as Shift_JIS and GBK) have characters whose final bytes is an ASCII '\' (0x5c), and they will be displayed as funny-characters even if $fallback_encoding is correct. This is because `highlight` command always expects UTF-8 encoded strings from STDIN. $ echo 'my $v = "申";' | highlight --syntax perl | w3m -T text/html -dump my $v = "申"; $ echo 'my $v = "申";' | iconv -f UTF-8 -t Shift_JIS | highlight \ --syntax perl | iconv -f Shift_JIS -t UTF-8 | w3m -T text/html -dump iconv: (stdin):9:135: cannot convert my $v = " This patch prepare git blob objects to be encoded into UTF-8 before highlighting in the manner of `to_utf8` subroutine. Signed-off-by: Shin Kojima <shin@kojima.org> Reviewed-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-01-12gitweb: squelch "uninitialized value" warningLibravatar Øyvind A. Holm1-1/+1
git_object() chomps $type that is read from "cat-file -t", but it does so before checking if $type is defined, resulting in a Perl warning in the server error log: gitweb.cgi: Use of uninitialized value $type in scalar chomp at [...]/gitweb.cgi line 7579., referer: [...] when trying to access a non-existing commit, for example: http://HOST/?p=PROJECT.git;a=commit;h=NON_EXISTING_COMMIT Check the value in $type before chomping. This will cause us to call href with its action parameter set to undef when formulating the URL to redirect to, but that is harmless, as the function treats a parameter that set to undef as if it does not exist. Signed-off-by: Øyvind A. Holm <sunny@sunbase.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-11-18gitweb: hack around CGI's list-context param() handlingLibravatar Jeff King1-1/+5
As of CGI.pm's 4.08 release, the behavior to call CGI::param() in a list context is deprecated (because it can be potentially unsafe if called inside a hash constructor). This causes gitweb to issue a warning for some of our code, which in turn causes the tests to fail. Our use is in fact _not_ one of the dangerous cases, as we are intentionally using a list context. The recommended route by 4.08 is to use the new CGI::multi_param() call to make it explicit that we know what we are doing. However, that function is only available in 4.08, which is about a month old; we cannot rely on having it. One option would be to set $CGI::LIST_CONTEXT_WARN globally, which turns off the warning. However, that would eliminate the protection these newer releases are trying to provide. We want to annotate each site as OK using the new function. So instead, let's check whether CGI provides the multi_param() function, and if not, provide an implementation that just wraps param(). That will work on both old and new versions of CGI. Sadly, we cannot just check defined(\&CGI::multi_param), because CGI uses the autoload feature, which claims that all functions are defined. Instead, we just do a version check. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-10-16gitweb: use start_form, not startform that was removed in CGI.pm 4.04Libravatar Roland Mas1-2/+2
CGI.pm 4.04 removed the startform method, which had previously been deprecated in favour of start_form. Changes file for CGI.pm says: 4.04 2014-09-04 [ REMOVED / DEPRECATIONS ] - startform and endform methods removed (previously deprecated, you should be using the start_form and end_form methods) Signed-off-by: Roland Mas <lolando@debian.org> Reviewed-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-04-08Merge branch 'jl/nor-or-nand-and'Libravatar Junio C Hamano1-1/+1
Eradicate mistaken use of "nor" (that is, essentially "nor" used not in "neither A nor B" ;-)) from in-code comments, command output strings, and documentations. * jl/nor-or-nand-and: code and test: fix misuses of "nor" comments: fix misuses of "nor" contrib: fix misuses of "nor" Documentation: fix misuses of "nor"
2014-03-31comments: fix misuses of "nor"Libravatar Justin Lebar1-1/+1
Signed-off-by: Justin Lebar <jlebar@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-02-20gitweb: Avoid overflowing page body frame with large imagesLibravatar Andrew Keller2-1/+6
When displaying a blob in gitweb, if it's an image, specify constraints for maximum display width and height to prevent the image from overflowing the frame of the enclosing page_body div. This change assumes that it is more desirable to see the whole image without scrolling (new behavior) than it is to see every pixel without zooming (previous behavior). Signed-off-by: Andrew Keller <andrew@kellerfarm.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-12gitweb: Denote non-heads, non-remotes branchesLibravatar Krzesimir Nowak1-5/+29
Given two branches residing in refs/heads/master and refs/wip/feature the list-of-branches view will present them in following way: master feature (wip) When getting a snapshot of a 'feature' branch, the tarball is going to have name like 'project-wip-feature-<short hash>.tgz'. Signed-off-by: Krzesimir Nowak <krzesimir@endocode.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-12gitweb: Add a feature for adding more branch refsLibravatar Krzesimir Nowak1-12/+68
Allow extra-branch-refs feature to tell gitweb to show refs from additional hierarchies in addition to branches in the list-of-branches view. Signed-off-by: Krzesimir Nowak <krzesimir@endocode.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-12gitweb: Return 1 on validation success instead of passed inputLibravatar Krzesimir Nowak1-29/+32
Users of validate_* passing "0" might get failures on correct name because of coercion of "0" to false in code like: die_error(500, "invalid ref") unless (check_ref_format ("0")); Also, the validate_foo subs are renamed to is_valid_foo. Signed-off-by: Krzesimir Nowak <krzesimir@endocode.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-12-12gitweb: Move check-ref-format code into separate functionLibravatar Krzesimir Nowak1-4/+13
This check will be used in more than one place later. Signed-off-by: Krzesimir Nowak <krzesimir@endocode.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-09-17Merge branch 'ab/gitweb-author-initials'Libravatar Junio C Hamano1-0/+1
* ab/gitweb-author-initials: gitweb: Fix the author initials in blame for non-ASCII names
2013-09-11Merge branch 'tf/gitweb-ss-tweak'Libravatar Junio C Hamano2-6/+6
Tweak Gitweb CSS to layout some elements better. * tf/gitweb-ss-tweak: gitweb: make search help link less ugly gitweb: omit the repository owner when it is unset gitweb: vertically centre contents of page footer gitweb: ensure OPML text fits inside its box
2013-08-30gitweb: Fix the author initials in blame for non-ASCII namesLibravatar Ævar Arnfjörð Bjarmason1-0/+1
Change the @author_initials feature Jakub added in v1.6.4-rc2-14-ga36817b to match non-ASCII author initials as intended. The regexp Jakub added was intended to match non-ASCII (/\b([[:upper:]])\B/g). But in Perl this doesn't actually match non-ASCII upper-case characters unless the string being matched against has the UTF8 flag. So when we open a pipe to "git blame" we need to mark the file descriptor we're opening as utf8 explicitly. So as a result it abbreviates me to "AB" not "ÆAB", entirely because "Æ" isn't /[[:upper:]]/ unless the string being matched against has the UTF8 flag. Here's something that demonstrates the issue: #!/usr/bin/env perl use strict; use warnings; binmode STDOUT, ':utf8' if $ENV{UTF8}; open my $fd, "-|", "git", "blame", "--incremental", "--", "Makefile" or die "Can't open: $!"; binmode $fd, ":utf8" if $ENV{UTF8}; while (my $line = <$fd>) { next unless my ($author) = $line =~ /^author (.*)/; my @author_initials = ($author =~ /\b([[:upper:]])\B/g); printf "%s (%s)\n", join("", @author_initials), $author; } When that's run with and without UTF8 being true in the environment it gives, on git.git: $ UTF8=0 perl author-initials.pl | sort | uniq -c | sort -nr | head -n 5 99 JH (Junio C Hamano) 35 JN (Jonathan Nieder) 35 JK (Jeff King) 20 JS (Johannes Schindelin) 16 AB (Ævar Arnfjörð Bjarmason) $ UTF8=1 perl author-initials.pl | sort | uniq -c | sort -nr | head -n 5 99 JH (Junio C Hamano) 35 JN (Jonathan Nieder) 35 JK (Jeff King) 20 JS (Johannes Schindelin) 16 ÆAB (Ævar Arnfjörð Bjarmason) Acked-by: Jakub Narębski <jnareb@gmail.com> Tested-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Tested-by: Simon Ruderich <simon@ruderich.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-20gitweb: make search help link less uglyLibravatar Tony Finch1-2/+2
The search help link was a superscript question mark right next to a drop-down menu, which looks misaligned and is a cramped and awkward click target. Remove the superscript tags and add some spacing to fix these nits. Add a title attribute to provide an explanatory mouseover. Signed-off-by: Tony Finch <dot@dotat.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-20gitweb: omit the repository owner when it is unsetLibravatar Tony Finch1-1/+1
On the repository summary page, leave the owner line out if the repo does not have an owner, rather than displaying a labelled empty field. This does not affect the owner column in the projects list page, which is present unless $omit_owner is true. Signed-off-by: Tony Finch <dot@dotat.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-20gitweb: vertically centre contents of page footerLibravatar Tony Finch1-1/+2
Signed-off-by: Tony Finch <dot@dotat.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-20gitweb: ensure OPML text fits inside its boxLibravatar Tony Finch1-2/+1
The rss_logo CSS style has a fixed width which is too narrow for the string "OPML". Replace the fixed width with horizontal padding so the text fits with nice margins. Signed-off-by: Tony Finch <dot@dotat.at> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-04gitweb: allow extra breadcrumbs to prefix the trailLibravatar Tony Finch1-1/+6
There are often parent pages logically above the gitweb projects list, e.g. home pages of the organization and department that host the gitweb server. This change allows you to include links to those pages in gitweb's breadcrumb trail. Signed-off-by: Tony Finch <dot@dotat.at> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-06-07gitweb: fix problem causing erroneous project listLibravatar Charles McGarvey1-1/+1
The bug is manifest when running gitweb in a persistent process (e.g. FastCGI, PSGI), and it's easy to reproduce. If a gitweb request includes the searchtext parameter (i.e. s), subsequent requests using the project_list action--which is the default action--and without a searchtext parameter will be filtered by the searchtext value of the first request. This is because the value of the $search_regexp global (the value of which is based on the searchtext parameter) is currently being persisted between requests. Instead, clear $search_regexp before dispatching each request. Signed-off-by: Charles McGarvey <chazmcgarvey@brokenzipper.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-04-15gitweb/INSTALL: Simplify description of GITWEB_CONFIG_SYSTEMLibravatar Jakub Narębski1-8/+5
The flow of the text describing GITWEB_CONFIG_SYSTEM and GITWEB_CONFIG_COMMON in gitweb/INSTALL is awkward. "This is bad. Oh the other hand, better is broken. Therefore we do this." forces readers to make multiple guesses while reading: "ok, bad, so you plan to change it and warn us about upcoming change? oh, not that, changing it is bad, so we have to live with it? oh, not that, there is another one that is common and that is what we can use". Better rewrite said paragraph to avoid such a mental roller-coaster in the first place. Signed-off-by: Junio Hamano <gitster@pobox.com> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-04-12Correct common spelling mistakes in comments and testsLibravatar Stefano Lattarini1-3/+3
Most of these were found using Lucas De Marchi's codespell tool. Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Acked-by: Matthieu Moy <Matthieu.Moy@imag.fr> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-04-12doc: various spelling fixesLibravatar Stefano Lattarini1-1/+1
Most of these were found using Lucas De Marchi's codespell tool. Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-03-07gitweb/README: remove reference to git.kernel.orgLibravatar Fredrik Gustafsson1-3/+0
git.kernel.org no longer uses gitweb but has switched to cgit. Info about this can be found on: https://www.kernel.org/pelican.html or simply by looking at http://git.kernel.org . This is change since 2013-03-01. Signed-off-by: Fredrik Gustafsson <iveqy@iveqy.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-01-28gitweb: refer to picon/gravatar images over the same schemeLibravatar Andrej E Baranov1-2/+2
With the current code, the images from picon and gravatar are requested over http://, and browsers give mixed contents warning when gitweb is served over https://. Just drop the scheme: part from the URL, so that these external sites are accessed over https:// in such a case. Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-01-11Merge branch 'os/gitweb-highlight-uncaptured' into maintLibravatar Junio C Hamano1-1/+1
"gitweb", when sorting by age to show repositories with new activities first, used to sort repositories with absolutely nothing in it early, which was not very useful. * os/gitweb-highlight-uncaptured: gitweb: fix error in sanitize when highlight is enabled