summary refs log tree commit diff
diff options
context:
space:
mode:
authorLars Hjemli <hjemli@gmail.com>2008-10-05 19:25:47 +0200
committerLars Hjemli <hjemli@gmail.com>2008-10-05 19:25:47 +0200
commit2e884f3162771880a2a5260713d6b7d1aa25bc6f (patch)
tree6d7193cc2ce766ac3d350ba3f2ea20e546ec5344
parentb7f33786ef4b155a11b0324f84bbde5d7fc9c998 (diff)
ui-shared: use html_url_path() to get properly escaped url in form action
When a repo uses an url with e.g. '#' or '?' characters this needs to be
properly escaped when used as action in a form tag.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r--ui-shared.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/ui-shared.c b/ui-shared.c
index f858ab6..1e12529 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -649,8 +649,8 @@ void cgit_print_pageheader(struct cgit_context *ctx)
 		html("</td><td class='form'>");
 		html("<form class='right' method='get' action='");
 		if (ctx->cfg.virtual_root)
-			html_attr(cgit_fileurl(ctx->qry.repo, "log",
-					       ctx->qry.path, NULL));
+			html_url_path(cgit_fileurl(ctx->qry.repo, "log",
+						   ctx->qry.path, NULL));
 		html("'>\n");
 		add_hidden_formfields(1, 0, "log");
 		html("<select name='qt'>\n");