gitweb: No error messages with unescaped/unprotected user input

author Jakub Narebski <jnareb@gmail.com>

Sat, 5 Aug 2006 11:15:24 +0000 (13:15 +0200)

committer Junio C Hamano <junkio@cox.net>

Sun, 6 Aug 2006 08:59:36 +0000 (01:59 -0700)
author Jakub Narebski <jnareb@gmail.com>
Sat, 5 Aug 2006 11:15:24 +0000 (13:15 +0200)
committer Junio C Hamano <junkio@cox.net>
Sun, 6 Aug 2006 08:59:36 +0000 (01:59 -0700)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl

index 62849014574861d0da899d31c49f401dcaa168f3..2e2629ca53dcb67a78bfb62333b06181a435bd41 100755 (executable)
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -1265,7 +1265,7 @@ sub git_diff_print {
  sub git_project_list {
         my $order = $cgi->param('o');
         if (defined $order && $order !~ m/project|descr|owner|age/) {
-               die_error(undef, "Invalid order parameter '$order'");
+               die_error(undef, "Unknown order parameter");
         }
  
         my @list = git_read_projects();
author	Jakub Narebski <jnareb@gmail.com>
	Sat, 5 Aug 2006 11:15:24 +0000 (13:15 +0200)
committer	Junio C Hamano <junkio@cox.net>
	Sun, 6 Aug 2006 08:59:36 +0000 (01:59 -0700)