aboutsummaryrefslogtreecommitdiff
path: root/html.c
AgeCommit message (Collapse)Author
2017-10-03html: html_ntxt with no ellipsisJeff Smith
For implementing a ui-blame page, there is need for a function that outputs a selection from a block of text, transformed for HTML output, but with no further modifications or additions. Signed-off-by: Jeff Smith <whydoubt@gmail.com> Reviewed-by: John Keeping <john@keeping.me.uk>
2016-10-01Simplify http_parse_querystring()Lukas Fleischer
Instead of reimplementing URL parameter parsing from scratch, use url_decode_parameter_name() and url_decode_parameter_value() which are already provided by Git. Also, change the return type of http_parse_querystring() to void since its only caller already ignores the return value. Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
2016-01-14ui-shared: prevent malicious filename from injecting headersJason A. Donenfeld
2015-08-14html: remove html_status()John Keeping
This is now unused. Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-13Remove redundant includesJohn Keeping
These are all included in git-compat-util.h (when necessary), which we include in cgit.h. Signed-off-by: John Keeping <john@keeping.me.uk>
2015-03-09html: avoid using a plain integer as a NULL pointerJohn Keeping
Sparse complains about this table because we use the integer zero as the NULL pointer. Use this as an opportunity to reformat the table so that it always contains 8 elements per row, making it easier to see which values are being set and which are not. Signed-off-by: John Keeping <john@keeping.me.uk>
2014-01-12html: remove redundant htmlfd variableJohn Keeping
This is never changed from STDOUT_FILENO, so just use that value directly. Signed-off-by: John Keeping <john@keeping.me.uk>
2014-01-08Update copyright informationLukas Fleischer
* Name "cgit Development Team" as copyright holder to avoid listing every single developer. * Update copyright ranges. Signed-off-by: Lukas Fleischer <cgit@crytocrack.de>
2013-05-22html.c: die when write failsJohn Keeping
If we fail to write HTML output once, there's no point carrying on so just write a failure message once and die. By using Git's die_errno function we also let the user know in what way the write failed. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-04-08html.c: add various strbuf and varadic helpersJohn Keeping
This adds the fmtalloc helper, html_txtf, html_vtxtf, and html_attrf. These takes a printf style format string like htmlf but escapes the resulting string. The html_vtxtf variant takes a va_list whereas html_txtf is variadic. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-04-08html.c: Replace strdup() with xstrdup()Lukas Fleischer
Use the xstrdup() wrapper which already bails out if strdup() returns a NULL pointer. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-04-08Always #include corresponding .h in .c filesJohn Keeping
While doing this, remove declarations from header files where the corresponding definition is declared "static" in order to avoid build errors. Also re-order existing headers in ui-*.c so that the file-specific header always comes immediately after "cgit.h", helping with future consistency. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-03-20html: check return value of writeJason A. Donenfeld
This squelches a gcc warning. It's also correct that we check to see if there are any partial or failed writes. For now, we just print a warning to stderr. In the future, perhaps it will prove wise to exit(1) on partial writes.
2013-03-05Mark several functions/variables staticLukas Fleischer
Spotted by parsing the output of `gcc -Wmissing-prototypes [...]`. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-04White space around control verbs.Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-03-04Fix several whitespace errorsLukas Fleischer
* Remove whitespace at the end of lines. * Replace space indentation by tabs. * Add whitespace before/after several operators ("+", "-", "*", ...) * Add whitespace to assignments ("foo = bar;"). * Fix whitespace in parameter lists ("foobar(foo, bar, 42)"). Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2011-07-21Merge branch 'stable'Lars Hjemli
2011-07-21html.c: avoid out-of-bounds access for url_escape_tableEric Wong
This fixes a segfault for me with with -O2 optimization on x86 with gcc (Debian 4.4.5-8) 4.4.5 I can reliably reproduce it with the following parameters when pointed to the git.git repository: PATH_INFO='/git-core.git/diff/' QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8' Signed-off-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-30Merge branch 'stable'Lars Hjemli
2011-05-30Properly escape ampersands inside HTML attributesLukas Fleischer
Ampersands ("&") appearing inside HTML attributes need to be translated to "&amp;". Otherwise, invalid XHTML will be generated at various places, such as at tree views containing links to submodules. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Merge branch 'lh/panel'Lars Hjemli
2011-05-23Fix memory leak in http_parse_querystring().Lukas Fleischer
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Fix escaping of paths with spacesJonathon Mah
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-06html.c: add html_intoption()Lars Hjemli
This is similar to html_option, but for int values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05Merge branch 'stable'Lars Hjemli
2011-03-05do not infloop on a query ending in %XY, for invalid hex X or YJim Meyering
When a query ends in say %gg, (or any invalid hex) e.g., http://git.gnome.org/browse/gdlmm/commit/?id=%gg convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns txt-1, so the loop in http_parse_querystring never terminates. The solution is to make the memmove also copy the trailing NUL. * html.c (convert_query_hexchar): Fix off-by-one error. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-09html.c: use '+' to escape spaces in urlsLars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-04prefer html_raw() to write()Mark Lodato
To make the code more consistent, and to not rely on the implementation of html(), always use html_raw(...) instead of write(htmlfd, ...). Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-08-29Merge branch 'stable'Lars Hjemli
2010-08-29html: fix strcpy bug in convert_query_hexcharMark Lodato
The source and destination strings in strcpy() may not overlap. Instead, use memmove(), which allows overlap. This fixes test t0104, where 'url=foo%2bbar/tree' was being parsed improperly. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-02-09html: properly percent-escape URLsMark Lodato
The only valid characters for a URL are unreserved characters a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per RFC 3986. Everything else must be escaped. Additionally, the # and ? always have special meaning, and the &, =, and + have special meaning in a query string, so they too must be escaped. To make this easier, a table of escapes is now used so that we do not have to call fmt() for each character; if the entry is 0, no escaping is needed. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2010-02-09html: make all strings 'const char *'Mark Lodato
None of the html_* functions modify their argument, so they can all be 'const char *' instead of a simple 'char *'. This removes the need to cast (or copy) when trying to print a const string. Signed-off-by: Mark Lodato <lodatom@gmail.com>
2009-01-29html.c: use correct escaping in html attributesLars Hjemli
First, an apostrophe is not a quote. Second, we also need to escape quotes. And finally, quotes are encoded as '&quot;', not '&quote;'. Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
2008-10-05html.c: add html_url_pathLars Hjemli
This function can be used to generate properly escaped path-components for links. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-10-05html.c: add html_url_argLars Hjemli
This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Supply status description to html_status()Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Implement plain viewLars Hjemli
This implements a way to access plain blobs by path (similar to the tree view) instead of by sha1. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-08-06Add support for cloning over httpLars Hjemli
This patch implements basic support for cloning over http, based on the work on git-http-backend by Shawn O. Pearce. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-29Print an error if filename is not found in html_include.Harley Laue
Normally when html_include cannot open the file it fails silently and things can be a bit hard to figure out from just looking at apache's log. This will be beneficial for those initially setting up their server with cgit. Signed-off-by: Harley Laue <losinggeneration@aim.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-08Merge branch 'lh/cleanup'Lars Hjemli
* lh/cleanup: (21 commits) Reset ctx.repo to NULL when the config parser is finished Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring() Move function for configfile parsing into configfile.[ch] Add cache.h Remove global and obsolete cgit_cmd Makefile: copy the QUIET constructs from the Makefile in git.git Move cgit_version from shared.c to cgit.c Makefile: autobuild dependency rules Initial Makefile cleanup Move non-generic functions from shared.c to cgit.c Add ui-shared.h Add separate header-files for each page/view Refactor snapshot support Add command dispatcher Remove obsolete cacheitem parameter to ui-functions Add struct cgit_page to cgit_context Introduce html.h Improve initialization of git directory Move cgit_repo into cgit_context Add all config variables into struct cgit_context ...
2008-04-08Move cgit_parse_query() from parsing.c to html.c as http_parse_querystring()Lars Hjemli
This is a generic http-function. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-03-18Introduce html.hLars Hjemli
All html-functions can be quite easily separated from the rest of cgit, so lets do it; the only issue was html_filemode which uses some git-defined macros so the function is moved into ui-shared.c::cgit_print_filemode(). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-23Merge branch 'stable'Lars Hjemli
* stable: Fix segfault Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-23Fix segfaultHiroki Hattori
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-11-11Fix html error detected by test-suiteLars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-28Add html_option() functionLars Hjemli
This is a generic function used to output html "option" tags. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-06-04Rename dirlink to gitlink.Jeffrey C. Ollie
Git changed from dirlink to gitlink in 302b9282c9ddfcc704ca759bdc98c1d5f75eba2f. Signed-off-by: Jeffrey C. Ollie <jeff@ocjtech.us>
2007-05-18Add html_include()Lars Hjemli
This is a function used to include external htmlfiles in cgit- generated pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-11Add submodule links in tree listingLars Hjemli
When a submodule occurs in a tree, generate a link to show the module/commit. The link is specified as a sprintf string in /etc/cgitrc, using parameters 'module-link' and 'repo.module-link'. This should probably be extended with repo.module-link.$path. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2006-12-28Add generic support for search box in page headerLars Hjemli
This adds the ability to show a search box in any pageheader with correct href and hidden form data, but does not enable the box on any pages. Signed-off-by: Lars Hjemli <hjemli@gmail.com>