From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id A94182141A for ; Fri, 1 Feb 2019 07:50:38 +0000 (UTC) From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 2/3] viewdiff: escape HTML ampersand for renames Date: Fri, 1 Feb 2019 07:50:29 +0000 Message-Id: <20190201075030.23449-3-e@80x24.org> In-Reply-To: <20190201075030.23449-1-e@80x24.org> References: <20190201075030.23449-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: For URLs we generate, we need to escape '&' in query parameters for correctness. --- lib/PublicInbox/ViewDiff.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/PublicInbox/ViewDiff.pm b/lib/PublicInbox/ViewDiff.pm index 2074e12..fbdc5b9 100644 --- a/lib/PublicInbox/ViewDiff.pm +++ b/lib/PublicInbox/ViewDiff.pm @@ -133,8 +133,8 @@ sub flush_diff ($$$) { Q => "?b=".uri_escape_utf8($pb, UNSAFE), }; if ($pa ne $pb) { - $dctx->{Q} .= - "&a=".uri_escape_utf8($pa, UNSAFE); + $dctx->{Q} .= '&a='. + uri_escape_utf8($pa, UNSAFE); } anchor1($dst, $ctx, $linkify, $pb, $s) and next; } -- EW