Mercurial Mercurial > hg / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: add escaping of tags and bookmarks in graph view stable
authorMatt Mackall <mpm@selenic.com>
Wed, 09 Oct 2013 12:02:32 -0700
branchstable
changeset 19883 904061628dc4
parent 19882 55c763926a28
child 19886 e828975722c8
child 19914 f91e932b2cfe
hgweb: add escaping of tags and bookmarks in graph view
mercurial/hgweb/webcommands.py file | annotate | diff | comparison | revisions 
--- a/mercurial/hgweb/webcommands.py	Wed Oct 09 11:50:19 2013 -0700
+++ b/mercurial/hgweb/webcommands.py	Wed Oct 09 12:02:32 2013 -0700
@@ -922,7 +922,8 @@
 
             if usetuples:
                 data.append((node, vtx, edges, desc, user, age, branch,
-                             ctx.tags(), ctx.bookmarks()))
+                             [cgi.escape(x) for x in ctx.tags()],
+                             [cgi.escape(x) for x in ctx.bookmarks()]))
             else:
                 edgedata = [dict(col=edge[0], nextcol=edge[1],
                                  color=(edge[2] - 1) % 6 + 1,
Mercurial