[Lxr-commits] CVS: lxr ident,1.39,1.40 search,1.52,1.53

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/lxr/lxr
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv15939

Modified Files:
	ident search 
Log Message:
ident, search: avoid double HTML escape (patch/bug #46)

"Dangerous" HTML characters & < > are replaced by their HTML entity references. The correct order is & first, otherwise the initial & in entity names gets over escaped preventing original character recovery. Bug was in search but transformation has been ported into ident as a precaution and in case future evolution may allow special characters in identifier names (think of Lisp for instance).
(Thanks to David Faure for pointing out this bug)

Index: ident
===================================================================
RCS file: /cvsroot/lxr/lxr/ident,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -d -r1.39 -r1.40

--- ident	8 Nov 2013 14:22:25 -0000	1.39
+++ ident	6 Apr 2014 17:14:42 -0000	1.40
@@ -561,8 +561,8 @@
 		expandtemplate
 			( $templ
 			,	( 'variables'		=> \&varinputs
-				, 'identifier'		=> sub { $_ = $identifier; s/</&lt;/g; s/>/&gt;/g; return $_; }
-				, 'identifier_escaped'=> sub { $_ = $identifier; s/\"/&quot;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
+				, 'identifier'		=> sub { $_ = $identifier; s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
+				, 'identifier_escaped'=> sub { $_ = $identifier; s/&/&amp;/g; s/\"/&quot;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
 				, 'checked'			=> sub { $defonly ? 'checked="checked"' : '' }
 				, 'varbtnaction'	=> sub { varbtnaction(@_, 'ident') }
 				, 'urlargs'			=> sub { urlexpand('-', 'ident') }

Index: search
===================================================================
RCS file: /cvsroot/lxr/lxr/search,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -d -r1.52 -r1.53
--- search	8 Nov 2013 14:22:25 -0000	1.52
+++ search	6 Apr 2014 17:14:42 -0000	1.53
@@ -582,7 +582,7 @@
 		( $templ
 		,	( 'variables'			=> \&varinputs
 			, 'searchtext'			=> sub { $_ = $searchtext; s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
-			, 'searchtext_escaped'	=> sub { $_ = $searchtext; s/\"/&quot;/g; s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
+			, 'searchtext_escaped'	=> sub { $_ = $searchtext; s/&/&amp;/g; s/\"/&quot;/g; s/</&lt;/g; s/>/&gt;/g; return $_; }
 			, 'filetext_escaped'	=> sub { $_ = $filetext; s/\"/&quot;/g; return $_; }
 			, 'advancedchecked'		=> sub { $advanced ? 'checked' : '' }
 			, 'casesensitivechecked'=> sub { $casesensitive ? 'checked' : '' }



