gitweb: Consolidate escaping/validation of query string
Consider: http://repo.or.cz/?p=glibc-cvs.git;a=tree;h=2609cb0411389325f4ee2854cc7159756eb0671e;hb=2609cb0411389325f4ee2854cc7159756eb0671e (click on the funny =__ify file) We ought to handle anything in filenames and I actually see no reason why we don't, modulo very little missing escaping that this patch hopefully also fixes. I have also made esc_param() escape [?=&;]. Not escaping [&;] was downright buggy and [?=] just feels better escaped. ;-) YMMV. Signed-off-by: NPetr Baudis <pasky@suse.cz> Signed-off-by: NJunio C Hamano <junkio@cox.net>
Showing
想要评论请 注册 或 登录