help / color / Atom feed
* cvsweb: Partial merge of rev.
@ 2019-11-09  9:32 schwarze
  0 siblings, 0 replies; only message in thread
From: schwarze @ 2019-11-09  9:32 UTC (permalink / raw)
  To: source

Log Message:
Partial merge of rev.; the rest will be fixed differently
because the original diff caused regressions.

Original commit message:
Patch from Peter J. Philipp <pjp at centroid dot eu>
to fix some opportunities for XSS;
triggered by a report from Ezio Paglia.

Modified Files:

Revision Data
Index: cvsweb.cgi
RCS file: /home/cvs/mandoc/cvsweb/cvsweb.cgi,v
retrieving revision 4.6
retrieving revision 4.7
diff -Lcvsweb.cgi -Lcvsweb.cgi -u -p -r4.6 -r4.7
--- cvsweb.cgi
+++ cvsweb.cgi
@@ -4194,6 +4194,7 @@ sub htmlquote($)
   # Special Characters; RFC 1866
+  s/%22/&quot;/g;
   return $_;
 To unsubscribe send an email to

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-09  9:32 cvsweb: Partial merge of rev schwarze

Archives are clonable: git clone --mirror

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone