summaryrefslogtreecommitdiff
path: root/gitweb
AgeCommit message (Collapse)AuthorFilesLines
2010-12-15Git 1.7.2.5Libravatar Junio C Hamano1-17/+24
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.1.4Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.7.0.9Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.6.6.3Libravatar Junio C Hamano1-17/+25
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15Git 1.6.5.9Libravatar Junio C Hamano1-16/+24
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-12-15gitweb: Introduce esc_attr to escape attributes of HTML elementsLibravatar Jakub Narebski1-15/+22
It is needed only to escape attributes of handcrafted HTML elements, and not those generated using CGI.pm subroutines / methods for HTML generation. While at it, add esc_url and esc_html where needed, and prefer to use CGI.pm HTML generating methods than handcrafted HTML code. Most of those are probably unnecessary (could be exploited only by person with write access to gitweb config, or at least access to the repository). This fixes CVE-2010-3906 Reported-by: Emanuele Gentili <e.gentili@tigersecurity.it> Helped-by: John 'Warthog9' Hawley <warthog9@kernel.org> Helped-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-22Typos in code comments, an error message, documentationLibravatar Ralf Wildenhues2-8/+8
Signed-off-by: Ralf Wildenhues <Ralf.Wildenhues@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-09gitweb: clarify search results page when no matching commit foundLibravatar Jonathan Nieder1-4/+5
When searching commits for a string that never occurs, the results page looks something like this: projects / foo.git / search \o/ summary | ... | tree [commit] search: [ kfjdkas ] [ ]re first ⋅ prev ⋅ next Merge branch 'maint' Foo: a demonstration project Without a list of hits to compare it to, the header describing the commit named by the hash parameter (usually HEAD) may itself look like a hit. Add some text (“No match.”) to replace the empty list of hits and avoid this confusion. While at it, remove some nearby dead code, left behind from a simplification a few years ago (v1.5.4-rc0~276^2~4, 2007-11-01). Noticed-by: Erick Mattos <erick.mattos@gmail.com> Signed-off-by: Jonathan Nieder <jrnieder@gmail.com> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-15Merge branch 'maint'Libravatar Junio C Hamano1-2/+1
* maint: Documentation: add submodule.* to the big configuration variable list gitmodules.5: url can be a relative path gitweb: fix esc_url
2010-07-15gitweb: fix esc_urlLibravatar Pavan Kumar Sunkara1-2/+1
Earlier, 452e225 (gitweb: fix esc_param, 2009-10-13) fixed CGI escaping rules used in esc_url. A very similar logic exists in esc_param and needs to be fixed the same way. Signed-off-by: Pavan Kumar Sunkara <pavan.sss1991@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-05gitweb: Move evaluate_gitweb_config out of run_requestLibravatar Jakub Narebski1-6/+11
Move evaluate_gitweb_config() and evaluate_git_version() out of run_request() to run(), making them not run one for each request. This changes how git behaves in FastCGI case. This change makes it impossible to have config which changes with request, but I don't think anyone relied on such (hidden action) behavior. While at it, reset timer and number of git commands at beginning of run_request() in new reset_timer() subroutine. This fixes case when gitweb was run using FastCGI interface: time is reported for request, and not for single run of gitweb script. This changes slightly behavior in non-FastCGI case: the number of git commands reported is 1 less (running `git --version` one per gitweb is not counted now). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-22Merge branch 'jn/gitweb-return-or-exit-cleanup'Libravatar Junio C Hamano1-0/+9
* jn/gitweb-return-or-exit-cleanup: gitweb: Return or exit after done serving request Conflicts: gitweb/gitweb.perl
2010-06-21Merge branch 'jn/gitweb-fastcgi'Libravatar Junio C Hamano1-152/+258
* jn/gitweb-fastcgi: gitweb: Run in FastCGI mode if gitweb script has .fcgi extension gitweb: Add support for FastCGI, using CGI::Fast gitweb: Put all per-connection code in run() subroutine
2010-06-20Merge branch 'maint'Libravatar Junio C Hamano1-1/+1
* maint: gitweb/Makefile: fix typo in gitweb.min.css rule Conflicts: gitweb/Makefile
2010-06-20gitweb/Makefile: fix typo in gitweb.min.css ruleLibravatar Jay Soffian1-1/+1
This typo has been in place since the rule was originally added by 0e6ce21 (Gitweb: add support for minifying gitweb.css). Signed-off-by: Jay Soffian <jaysoffian@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-18Merge branch 'jn/gitweb-plackup'Libravatar Junio C Hamano7-35/+38
* jn/gitweb-plackup: git-instaweb: Add support for running gitweb via 'plackup' git-instaweb: Wait for server to start before running web browser git-instaweb: Remove pidfile after stopping web server git-instaweb: Configure it to work with new gitweb structure git-instaweb: Put httpd logs in a "$httpd_only" subdirectory gitweb: Set default destination directory for installing gitweb in Makefile gitweb: Move static files into seperate subdirectory
2010-06-14gitweb: Return or exit after done serving requestLibravatar Jakub Narebski1-1/+9
Check if there is a caller in top frame of gitweb, and either 'return' if gitweb code is wrapped in subroutine, or 'exit' if it is not. This should avoid gitweb.cgi: Subroutine git_SOMETHING redefined at gitweb.cgi line NNN warnings in error_log when running gitweb with mod_perl (using ModPerl::Registry handler) Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-13Merge branch 'jn/gitweb-syntax-highlight'Libravatar Junio C Hamano2-3/+94
* jn/gitweb-syntax-highlight: gitweb: Refactor syntax highlighting support gitweb: Syntax highlighting support
2010-06-13gitweb: Fix typo in hash key name in %opts in git_header_htmlLibravatar Jakub Narebski1-1/+1
The name of the key has to be the same in call site handle_errors_html and in called subroutine that uses it, i.e. git_header_html. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-11gitweb: Run in FastCGI mode if gitweb script has .fcgi extensionLibravatar Jakub Narebski1-8/+13
If the name of the script ($SCRIPT_NAME or $SCRIPT_FILENAME CGI environment variable, or __FILE__ literal) ends with '.fcgi' extension, run gitweb in FastCGI mode, as if it was run with '--fastcgi' / '--fcgi' option. This is intended for easy deploying gitweb using FastCGI interface. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-31gitweb: Move static files into seperate subdirectoryLibravatar Pavan Kumar Sunkara7-35/+38
Create a new subdirectory called 'static' in gitweb/, and move all static files required by gitweb.cgi when running, which means styles, images and Javascript code. This should make gitweb more readable and easier to maintain. Update t/gitweb-lib.sh to reflect this change.The install-gitweb now also include moving of static files into 'static' subdirectory in target directory: update Makefile, gitweb's INSTALL, README and Makefile accordingly. Signed-off-by: Pavan Kumar Sunkara <pavan.sss1991@gmail.com> Mentored-by: Christian Couder <chriscool@tuxfamily.org> Mentored-by: Petr Baudis <pasky@ucw.cz> Acked-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-21Merge branch 'jn/gitweb-caching-prep'Libravatar Junio C Hamano1-19/+50
* jn/gitweb-caching-prep: gitweb: Move generating page title to separate subroutine gitweb: Add custom error handler using die_error gitweb: Use nonlocal jump instead of 'exit' in die_error gitweb: href(..., -path_info => 0|1) Export more test-related variables when running external tests
2010-05-21Merge branch 'jn/gitweb-install'Libravatar Junio C Hamano2-12/+38
* jn/gitweb-install: gitweb: Create install target for gitweb in Makefile gitweb: Improve installation instructions in gitweb/INSTALL
2010-05-21Merge branch 'jn/gitweb-our-squelch'Libravatar Junio C Hamano1-0/+3
* jn/gitweb-our-squelch: gitweb: Silence 'Variable VAR may be unavailable' warnings
2010-05-18gitweb: Use @diff_opts while using format-patchLibravatar Pavan Kumar Sunkara1-2/+2
Make git-format-patch (used by 'patch' and 'patches' views) use the same rename detection options that git-diff and git-diff-tree (used by 'commitdiff', 'blobdiff', etc.) use. Signed-off-by: Pavan Kumar Sunkara <pavan.sss1991@gmail.com> Acked-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Giuseppe Bilotta <giuseppe.bilotta@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-08gitweb: Add support for FastCGI, using CGI::FastLibravatar Sam Vilain1-2/+52
Former run() subroutine got renamed to run_request(). The new run() subroutine can run multiple requests at once if run as FastCGI script. To run gitweb as FastCGI script you must specify '--fastcgi' / '-f' command line option to gitweb, otherwise it runs as an ordinary CGI script. [jn: cherry picked from 56d7d436644ab296155a697552ea1345f2701620 in http://utsl.gen.nz/gitweb/?p=gitweb which was originally based on v264 (2326acfa95ac86a53804ca8eeeb482c2f9265e34) by Kay Sievers; updated to reflect current gitweb code] TODO: update 'gitweb/README' and/or 'gitweb/INSTALL' files. Signed-off-by: Sam Vilain <sam.vilain@catalyst.net.nz> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-08gitweb: Put all per-connection code in run() subroutineLibravatar Jakub Narebski1-153/+204
All code that is run per-connection (as opposed to those parts of gitweb code that can be run once) is put into appropriate subroutines: - evaluate_uri - evaluate_gitweb_config - evaluate_git_version (here only because $GIT can be set in config) - check_loadavg (as soon as possible; $git_version must be defined) - evaluate_query_params (counterpart to evaluate_path_info) - evaluate_and_validate_params - evaluate_git_dir (requires $project) - configure_gitweb_features (@snapshot_fmts, $git_avatar) - dispatch (includes setting default $action) The difference is best viewed with '-w', '--ignore-all-space' option, because of reindent caused by putting code in subroutines. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-03gitweb: Refactor syntax highlighting supportLibravatar Jakub Narebski1-53/+63
This refactoring (adding guess_file_syntax and run_highlighter subroutines) is meant to make it easier in the future to add support for other syntax highlighing solutions, or make it smarter by not re-running `git cat-file` second time. Instead of looping over list of regexps (keys of %highlight_type hash), make use of the fact that choosing syntax is based either on full basename (%highlight_basename), or on file extension (%highlight_ext). Add some basic test of syntax highlighting (with 'highlight' as prerequisite) to t/t9500-gitweb-standalone-no-errors.sh test. While at it make git_blob Perl style prettier. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-03gitweb: Syntax highlighting supportLibravatar Johannes Schindelin2-1/+82
It requires the 'highlight' program to do all the heavy-lifting. This is loosely based on Daniel Svensson's and Sham Chukoury's work in gitweb-xmms2.git (it cannot be cherry-picked, as gitweb-xmms2 first forked wildly, then not contributed back, and then went stale). [jn: cherry picked from bc1ed6aafd9ee4937559535c66c8bddf1864bec6 in http://repo.or.cz/w/git/dscho.git, with a few changes] Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Create install target for gitweb in MakefileLibravatar Jakub Narebski2-11/+32
Installing gitweb is now as easy as # make gitwebdir=/var/www/cgi-bin gitweb-install ;# as root The gitweb/INSTALL file was updated accordingly, to make use of this new target. Fix shell quoting, i.e. setting bindir_SQ etc., in gitweb/Makefile. Those variables were not used previously. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Improve installation instructions in gitweb/INSTALLLibravatar Jakub Narebski1-7/+12
Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Mark Rada <marada@uwaterloo.ca> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Silence 'Variable VAR may be unavailable' warningsLibravatar Jakub Narebski1-0/+3
When $projects_list points to a directory, and git_get_projects_list scans this directory for repositories, there can be generated the following warnings (for persistent services like mod_perl or plackup): Variable "$project_maxdepth" may be unavailable at gitweb.cgi line 2443. Variable "$projectroot" may be unavailable at gitweb.cgi line 2451. Those are false positives; silence those warnings by explicitely declaring $project_maxdepth and $projectroot with 'our', as global variables, in anonymous subrotine passed to File::Find::find. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Move generating page title to separate subroutineLibravatar Jakub Narebski1-13/+19
get_page_title subroutine is currently used only in git_header_html. Nevertheless refactoring title generation allowed to reduce indent level. It would be used in more than one callsite in the patch adding caching activity indicator to gitweb. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Add custom error handler using die_errorLibravatar Jakub Narebski1-4/+23
Change the default message for errors (for fatalsToBrowser) to use die_error() subroutine. This way errors (and explicitely calling 'die MESSAGE') would generate 'Internal Server Error' error message. Note that call to set_message is intentionally not put in BEGIN block; we set error handler to use die_error() only after we are sure that we can use it, after all needed variables are set. Due to the fact that error handler set via set_message() subroutine from CGI::Carp (in the fatalsToBrowser case) is called after HTTP headers were already printed (with exception of MOD_PERL), gitweb cannot return 'Status: 500 Internal Server Error'. Thanks to the fact that die_error() no longer uses 'exit', errors would be logged by CGI::Carp, independent on whether default error handler is used, or handle_errors_html which uses die_error is used. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: Use nonlocal jump instead of 'exit' in die_errorLibravatar Jakub Narebski1-2/+3
Use 'goto DONE' in place of 'exit' to end request processing in die_error() subroutine. While at it, do not end gitweb with 'exit'. This would make it easier in the future to add support or improve support for persistent environments such as FastCGI and mod_perl. It would also make it easier to make use of die_error() as an error handler (for fatalsToBrowser). Perl 5 allows non-local jumps; the restriction is that you cannot jump into a scope. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-01gitweb: href(..., -path_info => 0|1)Libravatar Jakub Narebski1-1/+6
If named boolean option -path_info is passed to href() subroutine, it would use its value to decide whether to generate path_info URL form. If this option is not passed, href() queries 'pathinfo' feature to check whether to generate path_info URL (if generating path_info link is possible at all). href(-replay=>1, -path_info=>0) is meant to be used to generate a key for caching gitweb output; alternate solution would be to use freeze() from Storable (core module) on %input_params hash (or its reference), e.g.: $key = freeze \%input_params; or other serialization of %input_params. While at it document extra options/flags to href(). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Acked-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-17gitweb: simplify gitweb.min.* generation and clean-up rulesLibravatar Junio C Hamano1-37/+38
GITWEB_CSS and GITWEB_JS are meant to be "what URI should the installed cgi script use to refer to the stylesheet and JavaScript", never "this is the name of the file we are building". Don't use them to decide what file to build minified versions in. While we are at it, lose FILES that is used only for "clean" target in a misguided way. "make clean" should try to remove all the potential build artifacts regardless of a minor configuration change. Instead of trying to remove only the build product "make clean" would have created if it were run without "clean", explicitly list the three potential build products for removal. Tested-by: Mark Rada <marada@uwaterloo.co> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-02gitweb: update INSTALL to use shorter make targetLibravatar Mark Rada1-9/+7
Gitweb can be generated by the gitweb/gitweb.cgi target or the gitweb target. Since the gitweb target is shorter, I think it would be better to have new users be instructed to use it. Signed-off-by: Mark Rada <marada@uwaterloo.ca> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-02gitweb: add documentation to INSTALL regarding gitweb.jsLibravatar Mark Rada1-10/+13
This patch updates gitweb/INSTALL to mention gitweb.js, including JavaScript minification support. Signed-off-by: Mark Rada <marada@uwaterloo.ca> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-02Gitweb: add autoconfigure support for minifiersLibravatar Mark Rada1-12/+2
This will allow users to set a JavaScript/CSS minifier when/if they run the autoconfigure script while building git. Signed-off-by: Mark Rada <marada@uwaterloo.ca> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-02Gitweb: add support for minifying gitweb.cssLibravatar Mark Rada3-8/+28
The build system added support minifying gitweb.js through a JavaScript minifier, but most minifiers come with support for minifying CSS files as well, so we should use it if we can. This patch will add the same facilities to gitweb.css that gitweb.js has for minification. That does not mean that they will use the same minifier though, as it is not safe to assume that all JavaScript minifiers will also minify CSS files. This patch also adds the GITWEB_PROGRAMS variable to the Makefile to keep a list of potential gitweb dependencies separate from OTHER_PROGRAMS when we need to know just the gitweb dependencies. Though the bandwidth savings will not be as dramatic as with the JavaScript minifier, every byte saved is important. Signed-off-by: Mark Rada <marada@uwaterloo.ca> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-31Sync with 1.7.0.4Libravatar Junio C Hamano1-2/+1
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-31gitweb: git_get_project_config requires only $git_dir, not also $projectLibravatar Jakub Narebski1-2/+1
Fix overeager early return in git_get_project_config, introduced in 9be3614 (gitweb: Fix project-specific feature override behavior, 2010-03-01). When git_get_project_config is called from projects list page via git_get_project_owner($path) etc., it is called with $git_dir defined (in git_get_project_owner($path) etc.), but $project variable is not defined. git_get_project_config doesn't use $project variable anyway. Reported-by: Tobias Heinlein <keytoaster@gentoo.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-04Merge branch 'jn/gitweb-config-error-die' into maintLibravatar Junio C Hamano1-3/+6
* jn/gitweb-config-error-die: gitweb: Die if there are parsing errors in config file
2010-03-02Merge branch 'maint'Libravatar Junio C Hamano2-4/+72
* maint: gitweb: Fix project-specific feature override behavior gitweb multiple project roots documentation
2010-03-02Merge branch 'jn/gitweb-config-error-die'Libravatar Junio C Hamano1-3/+6
* jn/gitweb-config-error-die: gitweb: Die if there are parsing errors in config file
2010-03-02gitweb: Fix project-specific feature override behaviorLibravatar Jakub Narebski1-1/+8
This commit fixes a bug in processing project-specific override in a situation when there is no project, e.g. for the projects list page. When 'snapshot' feature had project specific config override enabled by putting $feature{'snapshot'}{'override'} = 1; (or equivalent) in $GITWEB_CONFIG, and when viewing toplevel gitweb page, which means the projects list page (to be more exact this happens for any project-less action), gitweb would put the following Perl warnings in error log: gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2065. fatal: error processing config file(s) gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2221. gitweb.cgi: Use of uninitialized value $git_dir in concatenation (.) or string at gitweb.cgi line 2218. The problem is in the following fragment of code: # path to the current git repository our $git_dir; $git_dir = "$projectroot/$project" if $project; # list of supported snapshot formats our @snapshot_fmts = gitweb_get_feature('snapshot'); @snapshot_fmts = filter_snapshot_fmts(@snapshot_fmts); For the toplevel gitweb page, which is the list of projects, $project is not defined, therefore neither is $git_dir. gitweb_get_feature() subroutine calls git_get_project_config() if project specific override is turned on... but we don't have project here. Those errors mentioned above occur in the following fragment of code in git_get_project_config(): # get config if (!defined $config_file || $config_file ne "$git_dir/config") { %config = git_parse_project_config('gitweb'); $config_file = "$git_dir/config"; } git_parse_project_config() calls git_cmd() which has '--git-dir='.$git_dir There are (at least) three possible solutions: 1. Harden gitweb_get_feature() so that it doesn't call git_get_project_config() if $project (and therefore $git_dir) is not defined; there is no project for project specific config. 2. Harden git_get_project_config() like you did in your fix, returning early if $git_dir is not defined. 3. Harden git_cmd() so that it doesn't add "--git-dir=$git_dir" if $git_dir is not defined, and change git_get_project_config() so that it doesn't even try to access $git_dir if it is not defined. This commit implements both 1.) and 2.), i.e. gitweb_get_feature() doesn't call project-specific override if $git_dir is not defined (if there is no project), and git_get_project_config() returns early if $git_dir is not defined. Add a test for this bug to t/t9500-gitweb-standalone-no-errors.sh test. Reported-by: Eli Barzilay <eli@barzilay.org> Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-02gitweb multiple project roots documentationLibravatar Sylvain Rabot1-3/+64
This commit adds in the gitweb/README file a description of how to use gitweb with several project roots using apache virtualhost rewrite rules. Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr> Acked-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-17gitweb: Protect escaping functions against calling on undefLibravatar Jakub Narebski1-1/+8
This is a bit of future-proofing esc_html and friends: when called with undefined value they would now would return undef... which would probably mean that error would still occur, but closer to the source of problem. This means that we can safely use esc_html(shift) || "Internal Server Error" in die_error() instead of esc_html(shift || "Internal Server Error") Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-02-17gitweb: esc_html (short) error message in die_errorLibravatar Jakub Narebski1-2/+2
The error message (second argument to die_error) is meant to be short, one-line text description of given error. A few callers call die_error with error message containing unescaped user supplied data ($hash, $file_name). Instead of forcing callers to escape data, simply call esc_html on the parameter. Note that optional third parameter, which contains detailed error description, is meant to be HTML formatted, and therefore should be not escaped. While at it update esc_html synopsis/usage, and bring default error description to read 'Internal Server Error' (titlecased). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>