From 8271d74715fef2db7f15a8378a4e3845409f2550 Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Thu, 15 Jan 2009 21:44:39 +0000
Subject: Modified html.lua and viewlibrary.lua and all html files to
 html_escape variables before displaying them.

git-svn-id: svn://svn.alpinelinux.org/acf/apk-tools/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
---
 apk-html.lsp | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/apk-html.lsp b/apk-html.lsp
index 4b5a340..afc62bd 100644
--- a/apk-html.lsp
+++ b/apk-html.lsp
@@ -30,9 +30,9 @@ io.write("</span>")
 		<%= html.link{value = "delete?package=" .. packagetable.name, label="Delete"} %>
 		</TD>
 	<% end %>
-		<TD><%= packagetable.name %></TD>
-		<TD><%= packagetable.version %></TD>
-		<TD><%= packagetable.description %></TD>
+		<TD><%= html.html_escape(packagetable.name) %></TD>
+		<TD><%= html.html_escape(packagetable.version) %></TD>
+		<TD><%= html.html_escape(packagetable.description) %></TD>
 	</TR>
 <% end %>
 </TABLE>
@@ -58,8 +58,8 @@ io.write("</span>")
 		<%= html.link{value = "install?package=" .. packagetable.name, label="Install"} %>
 		</TD>
 	<% end %>
-		<TD><%= packagetable.name %></TD>
-		<TD><%= packagetable.version %></TD>
+		<TD><%= html.html_escape(packagetable.name) %></TD>
+		<TD><%= html.html_escape(packagetable.version) %></TD>
 	</TR>
 <% end %>
 </TABLE>
-- 
cgit v1.2.3