author | Junio C Hamano <gitster@pobox.com> | |
Wed, 5 Oct 2011 19:36:26 +0000 (12:36 -0700) | ||
committer | Junio C Hamano <gitster@pobox.com> | |
Wed, 5 Oct 2011 19:36:26 +0000 (12:36 -0700) |
* jn/gitweb-highlite-sanitise:
gitweb: Strip non-printable characters from syntax highlighter output
gitweb: Strip non-printable characters from syntax highlighter output
gitweb/gitweb.perl | patch | blob | history |
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index 70a576a626ac67516af7b980c64ec33da6b7c19b..85d64b244dead86132de8a2a980cfbfc27c86494 100755 (executable)
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
return $str;
}
+# Sanitize for use in XHTML + application/xml+xhtm (valid XML 1.0)
+sub sanitize {
+ my $str = shift;
+
+ return undef unless defined $str;
+
+ $str = to_utf8($str);
+ $str =~ s|([[:cntrl:]])|($1 =~ /[\t\n\r]/ ? $1 : quot_cec($1))|eg;
+ return $str;
+}
+
# Make control characters "printable", using character escape codes (CEC)
sub quot_cec {
my $cntrl = shift;
$nr++;
$line = untabify($line);
printf qq!<div class="pre"><a id="l%i" href="%s#l%i" class="linenr">%4i</a> %s</div>\n!,
- $nr, esc_attr(href(-replay => 1)), $nr, $nr, $syntax ? to_utf8($line) : esc_html($line, -nbsp=>1);
+ $nr, esc_attr(href(-replay => 1)), $nr, $nr,
+ $syntax ? sanitize($line) : esc_html($line, -nbsp=>1);
}
}
close $fd