user/dev discussion of public-inbox itself
 help / color / mirror / code / Atom feed
Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download mbox.gz: |
* [PATCH 2/4] t/hl_mod: extra check to ensure we escape HTML
  2019-01-27 11:48  4% [PATCH 0/4] viewvcs: wire up highlight to solver Eric Wong
@ 2019-01-27 11:48  7% ` Eric Wong
  0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2019-01-27 11:48 UTC (permalink / raw)
  To: meta

Otherwise, it's open season on our users :<
---
 t/hl_mod.t | 1 +
 1 file changed, 1 insertion(+)

diff --git a/t/hl_mod.t b/t/hl_mod.t
index b8b8eb9..62cc624 100644
--- a/t/hl_mod.t
+++ b/t/hl_mod.t
@@ -20,6 +20,7 @@ my $orig = $str;
 	my $ref = $hls->do_hl(\$str, 'foo.perl');
 	is(ref($ref), 'SCALAR', 'got a scalar reference back');
 	like($$ref, qr/I can see you!/, 'we can see ourselves in output');
+	like($$ref, qr/&amp;&amp;/, 'escaped');
 
 	use PublicInbox::Spawn qw(which);
 	if (eval { require IPC::Run } && which('w3m')) {
-- 
EW


^ permalink raw reply related	[relevance 7%]
* [PATCH 0/4] viewvcs: wire up highlight to solver
@ 2019-01-27 11:48  4% Eric Wong
  2019-01-27 11:48  7% ` [PATCH 2/4] t/hl_mod: extra check to ensure we escape HTML Eric Wong
  0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2019-01-27 11:48 UTC (permalink / raw)
  To: meta

Since we go through the trouble of recreating blobs with solver;
show them with syntax-highlighting.

Fortunately, Debian systems have "libhighlight-perl" SWIG bindings
packaged.  Going to hammer-away on it with check-www-inbox.perl
before deploying

Eric Wong (4):
  wwwhighlight: read_in_full returns undef on errors
  t/hl_mod: extra check to ensure we escape HTML
  hlmod: disable enclosing <pre> tag
  viewvcs: wire up syntax-highlighting for blobs

 contrib/css/216dark.css         | 20 ++++++++++++++++++++
 lib/PublicInbox/HlMod.pm        |  1 -
 lib/PublicInbox/UserContent.pm  | 20 ++++++++++++++++++++
 lib/PublicInbox/ViewVCS.pm      | 15 ++++++++++++++-
 lib/PublicInbox/WwwHighlight.pm |  1 +
 t/hl_mod.t                      |  3 ++-
 6 files changed, 57 insertions(+), 3 deletions(-)

-- 
EW


^ permalink raw reply	[relevance 4%]
Results 1-2 of 2 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2019-01-27 11:48  4% [PATCH 0/4] viewvcs: wire up highlight to solver Eric Wong
2019-01-27 11:48  7% ` [PATCH 2/4] t/hl_mod: extra check to ensure we escape HTML Eric Wong

Code repositories for project(s) associated with this public inbox

	https://80x24.org/public-inbox.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).