aboutsummaryrefslogtreecommitdiff
path: root/gitweb
diff options
context:
space:
mode:
authorJakub Narebski <jnareb@gmail.com>2006-09-26 01:59:43 +0200
committerJunio C Hamano <junkio@cox.net>2006-09-27 00:41:36 -0700
commitab41dfbfd4f3f9fedac71550027e9813b11abe3d (patch)
tree6a750670c1ddfb03570b85d87e3f1403708b477e /gitweb
parentf93bff8d4531d19938a9afbdc28b8d8f4dc97b32 (diff)
downloadgit-ab41dfbfd4f3f9fedac71550027e9813b11abe3d.tar.gz
git-ab41dfbfd4f3f9fedac71550027e9813b11abe3d.tar.xz
gitweb: Quote filename in HTTP Content-Disposition: header
Finish work started by commit a2f3db2 (although not documented in commit message) of quoting using quotemeta the filename in HTTP -content_disposition header. Just in case filename contains end of line character. Also use consistent coding style to compute -content_disposition parameter. Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'gitweb')
-rwxr-xr-xgitweb/gitweb.perl17
1 files changed, 9 insertions, 8 deletions
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index 093ee604f..9349fa1cb 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -2320,7 +2320,7 @@ sub git_project_index {
print $cgi->header(
-type => 'text/plain',
-charset => 'utf-8',
- -content_disposition => qq(inline; filename="index.aux"));
+ -content_disposition => 'inline; filename="index.aux"');
foreach my $pr (@projects) {
if (!exists $pr->{'owner'}) {
@@ -2682,7 +2682,7 @@ sub git_blob_plain {
print $cgi->header(
-type => "$type",
-expires=>$expires,
- -content_disposition => "inline; filename=\"$save_as\"");
+ -content_disposition => 'inline; filename="' . quotemeta($save_as) . '"');
undef $/;
binmode STDOUT, ':raw';
print <$fd>;
@@ -2856,10 +2856,11 @@ sub git_snapshot {
my $filename = basename($project) . "-$hash.tar.$suffix";
- print $cgi->header(-type => 'application/x-tar',
- -content_encoding => $ctype,
- -content_disposition => "inline; filename=\"$filename\"",
- -status => '200 OK');
+ print $cgi->header(
+ -type => 'application/x-tar',
+ -content_encoding => $ctype,
+ -content_disposition => 'inline; filename="' . quotemeta($filename) . '"',
+ -status => '200 OK');
my $git_command = git_cmd_str();
open my $fd, "-|", "$git_command tar-tree $hash \'$project\' | $command" or
@@ -3169,7 +3170,7 @@ sub git_blobdiff {
-type => 'text/plain',
-charset => 'utf-8',
-expires => $expires,
- -content_disposition => qq(inline; filename=") . quotemeta($file_name) . qq(.patch"));
+ -content_disposition => 'inline; filename="' . quotemeta($file_name) . '.patch"');
print "X-Git-Url: " . $cgi->self_url() . "\n\n";
@@ -3272,7 +3273,7 @@ sub git_commitdiff {
-type => 'text/plain',
-charset => 'utf-8',
-expires => $expires,
- -content_disposition => qq(inline; filename="$filename"));
+ -content_disposition => 'inline; filename="' . quotemeta($filename) . '"');
my %ad = parse_date($co{'author_epoch'}, $co{'author_tz'});
print <<TEXT;
From: $co{'author'}