Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 07 May 2004 00:55:55 +0300
From:      Ville =?ISO-8859-1?Q?Skytt=E4?= <scop@FreeBSD.org>
To:        Brad Tofel <brad@archive.org>
Cc:        freebsd-cvsweb@FreeBSD.org
Subject:   Re: cvsweb bug in 3.0.0
Message-ID:  <1083880555.5261.879.camel@bobcat.mine.nu>
In-Reply-To: <03c901c432f4$e6bd9650$3af0edd1@WORKSTATION17>
References:  <03c901c432f4$e6bd9650$3af0edd1@WORKSTATION17>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, 2004-05-06 at 02:01, Brad Tofel wrote:
> need an &htmlquote() in a few places to protect HTML chars in the actual
> diff:
> 
> Note that I've only tested 1 of these changed branches needed for my
> purposes, and probably missed another one or two needed, but it's easy to
> see the problem and the fix..
> 
> Brad
> 
> 3361c3361
> <       printf(<<EOF, scalar(@$leftColRef[$j]));
> ---
> >       printf(<<EOF, &htmlquote(scalar(@$leftColRef[$j])));

Right, this was a bug, the fix was already submitted by Mark A. Mankins
a couple of weeks ago and is now in CVS (using a bit different, and
AFAICS a more "correct" approach):
http://www.freebsd.org/cgi/cvsweb.cgi/projects/cvsweb/cvsweb.cgi.diff?r1=1.255&r2=1.256

> 3711c3711
> <           printf(<<EOF, $_);
> ---
> >           printf(<<EOF, &htmlquote($_));
> 3727c3727
> <         printf(<<EOF, $_, $_);
> ---
> >         printf(<<EOF, &htmlquote($_), &htmlquote($_));

These seem incorrect to me.  If you had included a bit of context in the
patch (hint, hint :), both of the above printf()'s have this as their
preceding line:

  $_ = spacedHtmlText($rest, $d{tabstop});

spacedHtmlText() expands tabs, fiddles with whitespace and htmlifies
stuff by calling htmlify().  And as the very first thing, htmlify() does
a htmlquote()... it also does htmlunquote() and a bunch of other hairy
things under certain circumstances though.

So, if there's a bug, I'd suspect htmlify().  Wrong or right, a test
case would be nice :)  Your approach above would seem to break the
htmlification (ie. creating HTML links to various things) feature.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1083880555.5261.879.camel>