Francois Gouget : testbot/web: Escape URLs to the user details page.
Alexandre Julliard
julliard at winehq.org
Thu Apr 21 15:12:07 CDT 2022
Module: tools
Branch: master
Commit: b2cdcca7480bc42c49092e5ade20d10b71448da9
URL: https://source.winehq.org/git/tools.git/?a=commit;h=b2cdcca7480bc42c49092e5ade20d10b71448da9
Author: Francois Gouget <fgouget at codeweavers.com>
Date: Thu Apr 21 15:58:42 2022 +0200
testbot/web: Escape URLs to the user details page.
It may contain ampersands which should be escaped in HTML documents.
Signed-off-by: Francois Gouget <fgouget at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
testbot/web/admin/UsersList.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/testbot/web/admin/UsersList.pl b/testbot/web/admin/UsersList.pl
index dcdb811..ec6d282 100644
--- a/testbot/web/admin/UsersList.pl
+++ b/testbot/web/admin/UsersList.pl
@@ -82,7 +82,7 @@ sub GenerateDataView($$$)
{
($Class, $Label) = ('usernone', 'none');
}
- my $DetailsLink = $self->GetDetailsLink($Row);
+ my $DetailsLink = $self->escapeHTML($self->GetDetailsLink($Row));
print "<a href='$DetailsLink'><span class='$Class'>$Label</span></a>";
}
else
More information about the wine-cvs
mailing list