gitweb: fix over-eager application of esc_html().

Contents of %diffinfo hash should be quoted upon output but kept unquoted internally. Later users of this hash expect filenames to be filenames, not HTML gibberish. Signed-off-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <junkio@cox.net>
git-mirror · Sep 25, 2006 · 8391548 · 8391548
1 parent 8815788
commit 8391548
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
@@ -3062,12 +3062,12 @@ sub git_blobdiff {
 		if (defined $file_name) {
 			if (defined $file_parent) {
 				$diffinfo{'status'} = '2';
-				$diffinfo{'from_file'} = esc_html($file_parent);
-				$diffinfo{'to_file'}   = esc_html($file_name);
+				$diffinfo{'from_file'} = $file_parent;
+				$diffinfo{'to_file'}   = $file_name;
 			} else { # assume not renamed
 				$diffinfo{'status'} = '1';
-				$diffinfo{'from_file'} = esc_html($file_name);
-				$diffinfo{'to_file'}   = esc_html($file_name);
+				$diffinfo{'from_file'} = $file_name;
+				$diffinfo{'to_file'}   = $file_name;
 			}
 		} else { # no filename given
 			$diffinfo{'status'} = '2';
@@ -3136,8 +3136,8 @@ sub git_blobdiff {
 
 	} else {
 		while (my $line = <$fd>) {
-			$line =~ s!a/($hash|$hash_parent)!a/$diffinfo{'from_file'}!g;
-			$line =~ s!b/($hash|$hash_parent)!b/$diffinfo{'to_file'}!g;
+			$line =~ s!a/($hash|$hash_parent)!'a/'.esc_html($diffinfo{'from_file'})!eg;
+			$line =~ s!b/($hash|$hash_parent)!'b/'.esc_html($diffinfo{'to_file'})!eg;
 
 			print $line;