Jeff King <peff@xxxxxxxx> writes:
> On Sun, Nov 11, 2012 at 06:20:58AM +0100, Henrich Schuchardt wrote:
>
>> Gitweb pages are structured by divs of class title with grey background.
>> The shortlog, and the log page show the project name as the first title.
>> Page summary only shows an empty grey box above the project details.
>> This provides an inconstent user experience.
>>
>> This patch adds the missing project title.
>>
>> Signed-off-by: Henrich Schuchardt <xypron.glpk@xxxxxx>
>> ---
>> gitweb/gitweb.perl | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
>> index 10ed9e5..3e1c452 100755
>> --- a/gitweb/gitweb.perl
>> +++ b/gitweb/gitweb.perl
>> @@ -6451,7 +6451,7 @@ sub git_summary {
>> git_header_html();
>> git_print_page_nav('summary','', $head);
>>
>> - print "<div class=\"title\"> </div>\n";
>> + print "<div class=\"title\">$project</div>\n";
>
> I do not have any opinion on whether the intent of the change is good or
> not, but shouldn't $project be run through esc_html() here?
I think the answer is yes. And if $project needs to be escaped, the
git_feed function you fixed today has another codepath that needs to
be fixed. When git_get_project_description($project) returns undef,
the description is taken from $project without any escaping.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html