diff options
author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
commit | 46ea286ecd9626fa9002e939676b18fe6fba26d6 (patch) | |
tree | 74d306f0725cecb54c4f486406c20f1f97a57c0c | |
parent | e97b155a36a9fe474dd3152e45e5dbfc57d1993b (diff) | |
download | acf-alpine-conf-46ea286ecd9626fa9002e939676b18fe6fba26d6.tar.bz2 acf-alpine-conf-46ea286ecd9626fa9002e939676b18fe6fba26d6.tar.xz |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/alpine-conf/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r-- | lbu-listbackups-html.lsp | 2 | ||||
-rw-r--r-- | lbu-listchanges-html.lsp | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lbu-listbackups-html.lsp b/lbu-listbackups-html.lsp index cc6e3d8..a2e80e4 100644 --- a/lbu-listbackups-html.lsp +++ b/lbu-listbackups-html.lsp @@ -24,7 +24,7 @@ No backup files <tr><td> <%= html.link{value="selectbackup?backup="..name, label="Select "} %> </td> - <td><%= name %></td></tr> + <td><%= html.html_escape(name) %></td></tr> <% end end %> </table> diff --git a/lbu-listchanges-html.lsp b/lbu-listchanges-html.lsp index 0733e96..42d6387 100644 --- a/lbu-listchanges-html.lsp +++ b/lbu-listchanges-html.lsp @@ -22,7 +22,7 @@ end %> <H1>Download Overlay</H1> <DL> <DT>Generate and download overlay</DT> - <DD><form action="<%= page_info.script .. page_info.prefix %>lbu/getpackage" method="POST"> + <DD><form action="<%= html.html_escape(page_info.script .. page_info.prefix) %>lbu/getpackage" method="POST"> <input class="submit" type="submit" name="Download" value="Download"></form></DD> </DL> <% end %> @@ -35,7 +35,7 @@ end %> io.write("None") else for i,file in pairs(view.value) do - io.write(file.status .. "\t" .. file.name .. "\n") + io.write(html.html_escape(file.status .. "\t" .. file.name .. "\n")) end end %></pre></DD> |