Mercurial > hg
annotate mercurial/templates/spartan/changelog.tmpl @ 18526:9409aeaafdc1 stable
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Without this, repository paths or names containing e.g. & characters or html
tags yielded strange results, possibly allowing cross-site scripting attacks.
| author | Thomas Arendsen Hein <thomas@intevation.de> |
|---|---|
| date | Fri, 01 Feb 2013 20:43:35 +0100 |
| parents | 7bf412b767fe |
| children | 1cac419ab831 |
| rev | line source |
|---|---|
|
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
1 {header} |
|
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
2 <title>{repo|escape}: changelog</title> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
3 <link rel="alternate" type="application/atom+xml" |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
4 href="{url|urlescape}atom-log" title="Atom feed for {repo|escape}"> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
5 <link rel="alternate" type="application/rss+xml" |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
6 href="{url|urlescape}rss-log" title="RSS feed for {repo|escape}"> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
7 </head> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
8 <body> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
9 |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
10 <div class="buttons"> |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
11 <a href="{url|urlescape}shortlog/{rev}{sessionvars%urlparameter}">shortlog</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
12 <a href="{url|urlescape}graph{sessionvars%urlparameter}">graph</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
13 <a href="{url|urlescape}tags{sessionvars%urlparameter}">tags</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
14 <a href="{url|urlescape}branches{sessionvars%urlparameter}">branches</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
15 <a href="{url|urlescape}file/{node|short}{sessionvars%urlparameter}">files</a> |
|
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
16 {archives%archiveentry} |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
17 <a href="{url|urlescape}help{sessionvars%urlparameter}">help</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
18 <a type="application/rss+xml" href="{url|urlescape}rss-log">rss</a> |
|
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
19 <a type="application/atom+xml" href="{url|urlescape}atom-log" title="Atom feed for {repo|escape}">atom</a> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
20 </div> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
21 |
|
18259
7bf412b767fe
hgweb, spartan: add "URL breadcrumbs"
Angel Ezquerra <angel.ezquerra at gmail.com>
parents:
12680
diff
changeset
|
22 <h2><a href="/">Mercurial</a> {pathdef%breadcrumb} / changelog</h2> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
23 |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
24 <form action="{url|urlescape}log"> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
25 {sessionvars%hiddenformentry} |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
26 <p> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
27 <label for="search1">search:</label> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
28 <input name="rev" id="search1" type="text" size="30"> |
|
10254
8d5de52431f2
hgweb: changenav: separate pages before and after the current position
Nicolas Dumazet <nicdumz.commits@gmail.com>
parents:
9999
diff
changeset
|
29 navigate: <small class="navigate">{changenav%nav}</small> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
30 </p> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
31 </form> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
32 |
|
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
33 {entries%changelogentry} |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
34 |
|
18526
9409aeaafdc1
hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Thomas Arendsen Hein <thomas@intevation.de>
parents:
18259
diff
changeset
|
35 <form action="{url|urlescape}log"> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
36 {sessionvars%hiddenformentry} |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
37 <p> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
38 <label for="search2">search:</label> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
39 <input name="rev" id="search2" type="text" size="30"> |
|
10254
8d5de52431f2
hgweb: changenav: separate pages before and after the current position
Nicolas Dumazet <nicdumz.commits@gmail.com>
parents:
9999
diff
changeset
|
40 navigate: <small class="navigate">{changenav%nav}</small> |
|
7338
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
41 </p> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
42 </form> |
|
fecfe4392e94
hgweb: move old style to spartan/
Matt Mackall <mpm@selenic.com>
parents:
diff
changeset
|
43 |
|
8431
5c1aabc58004
spartan: use newer template syntax everywhere
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8357
diff
changeset
|
44 {footer} |