From e307eeda3d55446f4bdeb2ac48f4fef0c24b1f3d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 18 Nov 2008 02:48:24 -0500 Subject: [PATCH] html escaping complication Can't escape things to entities if the template then escapes the entities. (aggregate doesn't have this problem.) --- IkiWiki/Plugin/recentchanges.pm | 4 +++- IkiWiki/Plugin/recentchangesdiff.pm | 2 ++ templates/change.tmpl | 4 ++-- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/IkiWiki/Plugin/recentchanges.pm b/IkiWiki/Plugin/recentchanges.pm index 39a123ccf..4d7023c1c 100644 --- a/IkiWiki/Plugin/recentchanges.pm +++ b/IkiWiki/Plugin/recentchanges.pm @@ -160,10 +160,12 @@ sub store ($$$) { #{{{ ); } - # escape wikilinks and preprocessor stuff in commit messages if (ref $change->{message}) { foreach my $field (@{$change->{message}}) { if (exists $field->{line}) { + # escape html + $field->{line} = encode_entities($field->{line}); + # escape links and preprocessor stuff $field->{line} = encode_entities($field->{line}, '\[\]'); } } diff --git a/IkiWiki/Plugin/recentchangesdiff.pm b/IkiWiki/Plugin/recentchangesdiff.pm index bc793bada..08cec3f5a 100644 --- a/IkiWiki/Plugin/recentchangesdiff.pm +++ b/IkiWiki/Plugin/recentchangesdiff.pm @@ -39,6 +39,8 @@ sub pagetemplate (@) { #{{{ else { $diff=join("", @lines); } + # escape html + $diff = encode_entities($diff); # escape links and preprocessor stuff $diff = encode_entities($diff, '\[\]'); $template->param(diff => $diff); diff --git a/templates/change.tmpl b/templates/change.tmpl index 0aebae61e..0e61a80f4 100644 --- a/templates/change.tmpl +++ b/templates/change.tmpl @@ -32,14 +32,14 @@
-
+
-
+
 
-- 2.26.2