Nice, but...
David Symonds <dsymonds@xxxxxxxxx> wrote:
> +++ b/gitweb/gitweb.perl
> @@ -3461,9 +3461,15 @@ sub git_shortlog_body {
> print "<tr class=\"light\">\n";
> }
> $alternate ^= 1;
> + my $author = chop_str($co{'author_name'}, 10);
> + if ($author ne $co{'author_name'}) {
> + $author = "<span title=\"$co{'author_name'}\">" . esc_html($author) . "</span>";
Doesn't this produce invalid HTML if $co{'author_name'} has a special
HTML character in it such as & or "? Note that " is much more likely
as it is often used for nicknames. The old code properly escaped
the author name, and indeed you are doing it for the abbreviated
version but not the full version.
This bug seemed to exist in almost all (if not all) of the hunks.
--
Shawn.
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
