summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTed Trask <ttrask01@yahoo.com>2009-01-15 21:44:39 +0000
committerTed Trask <ttrask01@yahoo.com>2009-01-15 21:44:39 +0000
commit46ea286ecd9626fa9002e939676b18fe6fba26d6 (patch)
tree74d306f0725cecb54c4f486406c20f1f97a57c0c
parente97b155a36a9fe474dd3152e45e5dbfc57d1993b (diff)
downloadacf-alpine-conf-46ea286ecd9626fa9002e939676b18fe6fba26d6.tar.bz2
acf-alpine-conf-46ea286ecd9626fa9002e939676b18fe6fba26d6.tar.xz
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/alpine-conf/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r--lbu-listbackups-html.lsp2
-rw-r--r--lbu-listchanges-html.lsp4
2 files changed, 3 insertions, 3 deletions
diff --git a/lbu-listbackups-html.lsp b/lbu-listbackups-html.lsp
index cc6e3d8..a2e80e4 100644
--- a/lbu-listbackups-html.lsp
+++ b/lbu-listbackups-html.lsp
@@ -24,7 +24,7 @@ No backup files
<tr><td>
<%= html.link{value="selectbackup?backup="..name, label="Select "} %>
</td>
- <td><%= name %></td></tr>
+ <td><%= html.html_escape(name) %></td></tr>
<% end
end %>
</table>
diff --git a/lbu-listchanges-html.lsp b/lbu-listchanges-html.lsp
index 0733e96..42d6387 100644
--- a/lbu-listchanges-html.lsp
+++ b/lbu-listchanges-html.lsp
@@ -22,7 +22,7 @@ end %>
<H1>Download Overlay</H1>
<DL>
<DT>Generate and download overlay</DT>
- <DD><form action="<%= page_info.script .. page_info.prefix %>lbu/getpackage" method="POST">
+ <DD><form action="<%= html.html_escape(page_info.script .. page_info.prefix) %>lbu/getpackage" method="POST">
<input class="submit" type="submit" name="Download" value="Download"></form></DD>
</DL>
<% end %>
@@ -35,7 +35,7 @@ end %>
io.write("None")
else
for i,file in pairs(view.value) do
- io.write(file.status .. "\t" .. file.name .. "\n")
+ io.write(html.html_escape(file.status .. "\t" .. file.name .. "\n"))
end
end
%></pre></DD>