On Sun, Mar 06 2022, Jason Yundt wrote: > Before this change, gitweb would generate pages which included: > > <meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8"/> > > A meta element with http-equiv="content-type" is said to be in the > "Encoding declaration state". According to the HTML Standard, > > The Encoding declaration state may be used in HTML documents, > but elements with an http-equiv attribute in that state must not > be used in XML documents. > > Source: <https://html.spec.whatwg.org/multipage/semantics.html#attr-meta-http-equiv-content-type> > > This change removes that meta element since gitweb always generates XML > documents. > > Signed-off-by: Jason Yundt <jason@jasonyundt.email> > --- > gitweb/gitweb.perl | 4 +--- > t/t9502-gitweb-standalone-parse-output.sh | 13 +++++++++++++ > 2 files changed, 14 insertions(+), 3 deletions(-) > > diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl > index fbd1c20a23..606b50104c 100755 > --- a/gitweb/gitweb.perl > +++ b/gitweb/gitweb.perl > @@ -4213,8 +4213,7 @@ sub git_header_html { > my %opts = @_; > > my $title = get_page_title(); > - my $content_type = get_content_type_html(); > - print $cgi->header(-type=>$content_type, -charset => 'utf-8', > + print $cgi->header(-type=>get_content_type_html(), -charset => 'utf-8', I think it would be better to just skip this hunk, no behavior will change if it's left in. > -status=> $status, -expires => $expires) > unless ($opts{'-no_http_header'}); > my $mod_perl_version = $ENV{'MOD_PERL'} ? " $ENV{'MOD_PERL'}" : ''; > @@ -4225,7 +4224,6 @@ sub git_header_html { > <!-- git web interface version $version, (C) 2005-2006, Kay Sievers <kay.sievers\@vrfy.org>, Christian Gierke --> > <!-- git core binaries version $git_version --> > <head> > -<meta http-equiv="content-type" content="$content_type; charset=utf-8"/> ..with this being the only behavior change (yeah the variable will now be used only in one place, but that's fine) I'm not sure I understand this change really. The result in always XML, so application/xhtml+xml is redundant, text/html, or both? But aside from that: I have seen browsers get the lack of encoding="" "wrong" with data at rest, don't some still default to ISO-8859-1? So won't this result in badly decoded data if you save the web page & view it locally? > <meta name="generator" content="gitweb/$version git/$git_version$mod_perl_version"/> > <meta name="robots" content="index, nofollow"/> > <title>$title</title> > diff --git a/t/t9502-gitweb-standalone-parse-output.sh b/t/t9502-gitweb-standalone-parse-output.sh > index e7363511dd..25165edacc 100755 > --- a/t/t9502-gitweb-standalone-parse-output.sh > +++ b/t/t9502-gitweb-standalone-parse-output.sh > @@ -207,4 +207,17 @@ test_expect_success 'xss checks' ' > xss "" "$TAG+" > ' > > +no_http_equiv_content_type() { > + gitweb_run "$@" && > + ! grep -Ei "http-equiv=['\"]?content-type" gitweb.body Nit: Should we skip the "-i" here since we're testing our own output, and not http standards in general (i.e. we don't have to worry about the case of http-equiv?)
