Mercurial > hg-stable
annotate mercurial/templates/spartan/graph.tmpl @ 18526:9409aeaafdc1 stable
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Without this, repository paths or names containing e.g. & characters or html
tags yielded strange results, possibly allowing cross-site scripting attacks.
author | Thomas Arendsen Hein <thomas@intevation.de> |
---|---|
date | Fri, 01 Feb 2013 20:43:35 +0100 |
parents | 7bf412b767fe |
children | 1cac419ab831 |
rev | line source |
---|---|
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
1 {header} |
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
2 <title>{repo|escape}: graph</title> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
3 <link rel="alternate" type="application/atom+xml" |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
4 href="{url|urlescape}atom-tags" title="Atom feed for {repo|escape}: tags"> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
5 <link rel="alternate" type="application/rss+xml" |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
6 href="{url|urlescape}rss-tags" title="RSS feed for {repo|escape}: tags"> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
7 <!--[if IE]><script type="text/javascript" src="{staticurl|urlescape}excanvas.js"></script><![endif]--> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
8 </head> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
9 <body> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
10 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
11 <div class="buttons"> |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
12 <a href="{url|urlescape}log{sessionvars%urlparameter}">changelog</a> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
13 <a href="{url|urlescape}shortlog{sessionvars%urlparameter}">shortlog</a> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
14 <a href="{url|urlescape}tags{sessionvars%urlparameter}">tags</a> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
15 <a href="{url|urlescape}branches{sessionvars%urlparameter}">branches</a> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
16 <a href="{url|urlescape}file/{node|short}/{sessionvars%urlparameter}">files</a> |
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
17 <a href="{url|urlescape}help{sessionvars%urlparameter}">help</a> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
18 </div> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
19 |
18259
7bf412b767fe
hgweb, spartan: add "URL breadcrumbs"
Angel Ezquerra <angel.ezquerra at gmail.com>
parents:
17580
diff
changeset
|
20 <h2><a href="/">Mercurial</a> {pathdef%breadcrumb} / graph</h2> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
21 |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
22 <form action="{url|urlescape}log"> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
23 {sessionvars%hiddenformentry} |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
24 <p> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
25 <label for="search1">search:</label> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
26 <input name="rev" id="search1" type="text" size="30"> |
10254
8d5de52431f2
hgweb: changenav: separate pages before and after the current position
Nicolas Dumazet <nicdumz.commits@gmail.com>
parents:
9999
diff
changeset
|
27 navigate: <small class="navigate">{changenav%navgraph}</small> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
28 </p> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
29 </form> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
30 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
31 <noscript>The revision graph only works with JavaScript-enabled browsers.</noscript> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
32 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
33 <div id="wrapper"> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
34 <ul id="nodebgs"></ul> |
13610
7359cb753a54
templates: widen the graph canvas (issue2683)
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
12680
diff
changeset
|
35 <canvas id="graph" width="480" height="{canvasheight}"></canvas> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
36 <ul id="graphnodes"></ul> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
37 </div> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
38 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
39 <script type="text/javascript"> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
40 <!-- hide script content |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
41 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
42 var data = {jsdata|json}; |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
43 var graph = new Graph(); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
44 graph.scale({bg_height}); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
45 |
10856
b07bd417115b
templates: escape javascript braces
Matt Mackall <mpm@selenic.com>
parents:
10278
diff
changeset
|
46 graph.vertex = function(x, y, color, parity, cur) \{ |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
47 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
48 this.ctx.beginPath(); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
49 color = this.setColor(color, 0.25, 0.75); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
50 this.ctx.arc(x, y, radius, 0, Math.PI * 2, true); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
51 this.ctx.fill(); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
52 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
53 var bg = '<li class="bg parity' + parity + '"></li>'; |
17580
ffe3630cb243
hgweb: fix incorrect graph padding calculation (issue3626)
Tim Delaney <timothy.c.delaney@gmail.com>
parents:
17421
diff
changeset
|
54 var left = (this.bg_height - this.box_size) + (this.columns + 1) * this.box_size; |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
55 var nstyle = 'padding-left: ' + left + 'px;'; |
17421
3eb85477c0d9
hgweb: avoid bad $$ processing in graph (issue3601)
Mads Kiilerich <mads@kiilerich.com>
parents:
16137
diff
changeset
|
56 var item = '<li style="' + nstyle + '"><span class="desc">'; |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
57 item += '<a href="{url|urlescape}rev/' + cur[0] + '{sessionvars%urlparameter}" title="' + cur[0] + '">' + cur[3] + '</a>'; |
17421
3eb85477c0d9
hgweb: avoid bad $$ processing in graph (issue3601)
Mads Kiilerich <mads@kiilerich.com>
parents:
16137
diff
changeset
|
58 item += '</span><span class="info">' + cur[5] + ', by ' + cur[4] + '</span></li>'; |
3eb85477c0d9
hgweb: avoid bad $$ processing in graph (issue3601)
Mads Kiilerich <mads@kiilerich.com>
parents:
16137
diff
changeset
|
59 |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
60 return [bg, item]; |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
61 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
62 } |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
63 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
64 graph.render(data); |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
65 |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
66 // stop hiding script --> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
67 </script> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
68 |
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
69 <form action="{url|urlescape}log"> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
70 {sessionvars%hiddenformentry} |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
71 <p> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
72 <label for="search1">search:</label> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
73 <input name="rev" id="search1" type="text" size="30"> |
10254
8d5de52431f2
hgweb: changenav: separate pages before and after the current position
Nicolas Dumazet <nicdumz.commits@gmail.com>
parents:
9999
diff
changeset
|
74 navigate: <small class="navigate">{changenav%navgraph}</small> |
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
75 </p> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
76 </form> |
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
77 |
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
78 {footer} |