about summary refs log tree commit diff
path: root/html.c
diff options
context:
space:
mode:
authorLars Hjemli <hjemli@gmail.com>2011-05-30 23:57:25 +0200
committerLars Hjemli <hjemli@gmail.com>2011-05-30 23:57:25 +0200
commit52fbcf2ffac0025128cc1d50681a7ccd859ef3f0 (patch)
tree46ef06dfd6575e672dc4d5c92b522af7c3bf5f1c /html.c
parentui_repolist: get modtime from packed-refs as fallback (diff)
parentProperly escape ampersands inside HTML attributes (diff)
downloadcgit-pink-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.tar.gz
cgit-pink-52fbcf2ffac0025128cc1d50681a7ccd859ef3f0.zip
Merge branch 'stable'
Diffstat (limited to 'html.c')
-rw-r--r--html.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/html.c b/html.c
index 4a18a57..eb1c25d 100644
--- a/html.c
+++ b/html.c
@@ -138,7 +138,7 @@ void html_attr(const char *txt)
 	const char *t = txt;
 	while(t && *t){
 		int c = *t;
-		if (c=='<' || c=='>' || c=='\'' || c=='\"') {
+		if (c=='<' || c=='>' || c=='\'' || c=='\"' || c=='&') {
 			html_raw(txt, t - txt);
 			if (c=='>')
 				html("&gt;");
@@ -148,6 +148,8 @@ void html_attr(const char *txt)
 				html("&#x27;");
 			else if (c=='"')
 				html("&quot;");
+			else if (c=='&')
+				html("&amp;");
 			txt = t+1;
 		}
 		t++;