comparison mercurial/templates/paper/bookmarks.tmpl @ 18526:9409aeaafdc1 stable

hgweb: urlescape all URLs, HTML-escape repo/tag/branch/... names. Without this, repository paths or names containing e.g. & characters or HTML tags yielded strange results, possibly allowing cross-site scripting attacks.
author Thomas Arendsen Hein <thomas@intevation.de>
date Fri, 01 Feb 2013 20:43:35 +0100
parents bebb05a7e249
children 25dae11bb044
18525:462579cbad45 18526:9409aeaafdc1
1 {header} 1 {header}
2 <title>{repo|escape}: bookmarks</title> 2 <title>{repo|escape}: bookmarks</title>
3 <link rel="alternate" type="application/atom+xml" 3 <link rel="alternate" type="application/atom+xml"
4 href="{url}atom-bookmarks" title="Atom feed for {repo|escape}: bookmarks" /> 4 href="{url|urlescape}atom-bookmarks" title="Atom feed for {repo|escape}: bookmarks" />
5 <link rel="alternate" type="application/rss+xml" 5 <link rel="alternate" type="application/rss+xml"
6 href="{url}rss-bookmarks" title="RSS feed for {repo|escape}: bookmarks" /> 6 href="{url|urlescape}rss-bookmarks" title="RSS feed for {repo|escape}: bookmarks" />
7 </head> 7 </head>
8 <body> 8 <body>
9 9
10 <div class="container"> 10 <div class="container">
11 <div class="menu"> 11 <div class="menu">
12 <div class="logo"> 12 <div class="logo">
13 <a href="{logourl}"> 13 <a href="{logourl}">
14 <img src="{staticurl}{logoimg}" alt="mercurial" /></a> 14 <img src="{staticurl|urlescape}{logoimg}" alt="mercurial" /></a>
15 </div> 15 </div>
16 <ul> 16 <ul>
17 <li><a href="{url}shortlog{sessionvars%urlparameter}">log</a></li> 17 <li><a href="{url|urlescape}shortlog{sessionvars%urlparameter}">log</a></li>
18 <li><a href="{url}graph{sessionvars%urlparameter}">graph</a></li> 18 <li><a href="{url|urlescape}graph{sessionvars%urlparameter}">graph</a></li>
19 <li><a href="{url}tags{sessionvars%urlparameter}">tags</a></li> 19 <li><a href="{url|urlescape}tags{sessionvars%urlparameter}">tags</a></li>
20 <li class="active">bookmarks</li> 20 <li class="active">bookmarks</li>
21 <li><a href="{url}branches{sessionvars%urlparameter}">branches</a></li> 21 <li><a href="{url|urlescape}branches{sessionvars%urlparameter}">branches</a></li>
22 </ul> 22 </ul>
23 <ul> 23 <ul>
24 <li><a href="{url}help{sessionvars%urlparameter}">help</a></li> 24 <li><a href="{url|urlescape}help{sessionvars%urlparameter}">help</a></li>
25 </ul> 25 </ul>
26 <p> 26 <p>
27 <div class="atom-logo"> 27 <div class="atom-logo">
28 <a href="{url}atom-bookmarks" title="subscribe to atom feed"> 28 <a href="{url|urlescape}atom-bookmarks" title="subscribe to atom feed">
29 <img class="atom-logo" src="{staticurl}feed-icon-14x14.png" alt="atom feed"> 29 <img class="atom-logo" src="{staticurl|urlescape}feed-icon-14x14.png" alt="atom feed">
30 </a> 30 </a>
31 </div> 31 </div>
32 </div> 32 </div>
33 33
34 <div class="main"> 34 <div class="main">
35 <h2 class="breadcrumb"><a href="/">Mercurial</a> {pathdef%breadcrumb}</h2> 35 <h2 class="breadcrumb"><a href="/">Mercurial</a> {pathdef%breadcrumb}</h2>
36 <h3>bookmarks</h3> 36 <h3>bookmarks</h3>
37 37
38 <form class="search" action="{url}log"> 38 <form class="search" action="{url|urlescape}log">
39 {sessionvars%hiddenformentry} 39 {sessionvars%hiddenformentry}
40 <p><input name="rev" id="search1" type="text" size="30" /></p> 40 <p><input name="rev" id="search1" type="text" size="30" /></p>
41 <div id="hint">find changesets by author, revision, 41 <div id="hint">find changesets by author, revision,
42 files, or words in the commit message</div> 42 files, or words in the commit message</div>
43 </form> 43 </form>