From 3ccdbd75b0e337c393e53db0288e72b6e65ab9e0 Mon Sep 17 00:00:00 2001
From: Eric Wong <e@80x24.org>
Date: Fri, 1 Feb 2019 06:30:17 +0000
Subject: viewdiff: escape HTML ampersand for renames

For URLs we generate, we need to escape '&' in query parameters
for correctness.
---
 lib/PublicInbox/ViewDiff.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/PublicInbox/ViewDiff.pm b/lib/PublicInbox/ViewDiff.pm
index 2074e12f..fbdc5b95 100644
--- a/lib/PublicInbox/ViewDiff.pm
+++ b/lib/PublicInbox/ViewDiff.pm
@@ -133,8 +133,8 @@ sub flush_diff ($$$) {
 					Q => "?b=".uri_escape_utf8($pb, UNSAFE),
 				};
 				if ($pa ne $pb) {
-					$dctx->{Q} .=
-					     "&a=".uri_escape_utf8($pa, UNSAFE);
+					$dctx->{Q} .= '&amp;a='.
+						uri_escape_utf8($pa, UNSAFE);
 				}
 				anchor1($dst, $ctx, $linkify, $pb, $s) and next;
 			}
-- 
cgit v1.2.3-24-ge0c7