authorVincent Ambo <mail@tazj.in>2020-11-21T18·20+0100
committerVincent Ambo <mail@tazj.in>2020-11-21T18·45+0100
commitf4609b896fac842433bd495c166d5987852a6a73 (patch)
tree95511c465c54c4f5d27e5d39ce187e2a1dd82bd3 /third_party/git/gitweb/gitweb.perl
parent082c006c04343a78d87b6c6ab3608c25d6213c3f (diff)
merge(3p/git): Merge git subtree at v2.29.2 r/1890
This also bumps the stable nixpkgs to 20.09 as of 2020-11-21, because
there is some breakage in the git build related to the netrc
credentials helper which someone has taken care of in nixpkgs.

The stable channel is not used for anything other than git, so this
should be fine.

Change-Id: I3575a19dab09e1e9556cf8231d717de9890484fb
Diffstat (limited to 'third_party/git/gitweb/gitweb.perl')
-rwxr-xr-xthird_party/git/gitweb/gitweb.perl71
1 files changed, 45 insertions, 26 deletions
diff --git a/third_party/git/gitweb/gitweb.perl b/third_party/git/gitweb/gitweb.perl
index 7fef19fe59..0959a782ec 100755
--- a/third_party/git/gitweb/gitweb.perl
+++ b/third_party/git/gitweb/gitweb.perl
@@ -741,7 +741,7 @@ sub evaluate_gitweb_config {
 	$GITWEB_CONFIG_SYSTEM = "" if ($GITWEB_CONFIG_SYSTEM eq $GITWEB_CONFIG_COMMON);
 
 	# Common system-wide settings for convenience.
-	# Those settings can be ovverriden by GITWEB_CONFIG or GITWEB_CONFIG_SYSTEM.
+	# Those settings can be overridden by GITWEB_CONFIG or GITWEB_CONFIG_SYSTEM.
 	read_config_file($GITWEB_CONFIG_COMMON);
 
 	# Use first config file that exists.  This means use the per-instance
@@ -1291,9 +1291,23 @@ our $is_last_request = sub { 1 };
 our ($pre_dispatch_hook, $post_dispatch_hook, $pre_listen_hook);
 our $CGI = 'CGI';
 our $cgi;
+our $FCGI_Stream_PRINT_raw = \&FCGI::Stream::PRINT;
 sub configure_as_fcgi {
 	require CGI::Fast;
 	our $CGI = 'CGI::Fast';
+	# FCGI is not Unicode aware hence the UTF-8 encoding must be done manually.
+	# However no encoding must be done within git_blob_plain() and git_snapshot()
+	# which must still output in raw binary mode.
+	no warnings 'redefine';
+	my $enc = Encode::find_encoding('UTF-8');
+	*FCGI::Stream::PRINT = sub {
+		my @OUTPUT = @_;
+		for (my $i = 1; $i < @_; $i++) {
+			$OUTPUT[$i] = $enc->encode($_[$i], Encode::FB_CROAK|Encode::LEAVE_SRC);
+		}
+		@_ = @OUTPUT;
+		goto $FCGI_Stream_PRINT_raw;
+	};
 
 	my $request_number = 0;
 	# let each child service 100 requests
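Review bot: `Encode::FB_CROAK` in the replacement `PRINT` makes any string the encoder rejects die in the middle of writing a response, and gitweb prints repository-controlled text such as commit messages and file names. Whether that die becomes a clean error page is not visible in this hunk, so confirm that all such text passes through gitweb's decoding step before it reaches `print`, or consider a substituting fallback such as `Encode::FB_DEFAULT`. The loop's start index also deserves a comment, e.g. `# $_[0] is the tied FCGI::Stream object; encode only the payload arguments`. configure_as_fcgi continues past the end of the hunk.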
@@ -1657,15 +1671,15 @@ sub quot_cec {
 	my $cntrl = shift;
 	my %opts = @_;
 	my %es = ( # character escape codes, aka escape sequences
-		"\t" => '\t',   # tab            (HT)
-		"\n" => '\n',   # line feed      (LF)
-		"\r" => '\r',   # carrige return (CR)
-		"\f" => '\f',   # form feed      (FF)
-		"\b" => '\b',   # backspace      (BS)
-		"\a" => '\a',   # alarm (bell)   (BEL)
-		"\e" => '\e',   # escape         (ESC)
-		"\013" => '\v', # vertical tab   (VT)
-		"\000" => '\0', # nul character  (NUL)
+		"\t" => '\t',   # tab             (HT)
+		"\n" => '\n',   # line feed       (LF)
+		"\r" => '\r',   # carriage return (CR)
+		"\f" => '\f',   # form feed       (FF)
+		"\b" => '\b',   # backspace       (BS)
+		"\a" => '\a',   # alarm (bell)    (BEL)
+		"\e" => '\e',   # escape          (ESC)
+		"\013" => '\v', # vertical tab    (VT)
+		"\000" => '\0', # nul character   (NUL)
 	);
 	my $chr = ( (exists $es{$cntrl})
 		    ? $es{$cntrl}
@@ -4048,7 +4062,7 @@ sub print_feed_meta {
 
 			$href_params{'extra_options'} = undef;
 			$href_params{'action'} = $type;
-			$link_attr{'-href'} = href(%href_params);
+			$link_attr{'-href'} = esc_attr(href(%href_params));
 			print "<link ".
 			      "rel=\"$link_attr{'-rel'}\" ".
 			      "title=\"$link_attr{'-title'}\" ".
@@ -4057,7 +4071,7 @@ sub print_feed_meta {
 			      "/>\n";
 
 			$href_params{'extra_options'} = '--no-merges';
-			$link_attr{'-href'} = href(%href_params);
+			$link_attr{'-href'} = esc_attr(href(%href_params));
 			$link_attr{'-title'} .= ' (no merges)';
 			print "<link ".
 			      "rel=\"$link_attr{'-rel'}\" ".
@@ -4070,10 +4084,12 @@ sub print_feed_meta {
 	} else {
 		printf('<link rel="alternate" title="%s projects list" '.
 		       'href="%s" type="text/plain; charset=utf-8" />'."\n",
-		       esc_attr($site_name), href(project=>undef, action=>"project_index"));
+		       esc_attr($site_name),
+		       esc_attr(href(project=>undef, action=>"project_index")));
 		printf('<link rel="alternate" title="%s projects feeds" '.
 		       'href="%s" type="text/x-opml" />'."\n",
-		       esc_attr($site_name), href(project=>undef, action=>"opml"));
+		       esc_attr($site_name),
+		       esc_attr(href(project=>undef, action=>"opml")));
 	}
 }
 
@@ -4287,8 +4303,8 @@ sub git_footer_html {
 	if (defined $action &&
 	    $action eq 'blame_incremental') {
 		print qq!<script type="text/javascript">\n!.
-		      qq!startBlame("!. href(action=>"blame_data", -replay=>1) .qq!",\n!.
-		      qq!           "!. href() .qq!");\n!.
+		      qq!startBlame("!. esc_attr(href(action=>"blame_data", -replay=>1)) .qq!",\n!.
+		      qq!           "!. esc_attr(href()) .qq!");\n!.
 		      qq!</script>\n!;
 	} else {
 		my ($jstimezone, $tz_cookie, $datetime_class) =
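Review bot: The two `esc_attr(...)` calls on the `startBlame(...)` lines put HTML-attribute escaping into a JavaScript string literal inside a `<script>` element, which is a different output context. If the page is parsed as XML the entities are decoded before the script runs, but under text/html the script content is not entity-decoded, so the script would receive `&amp;`-style text. An HTML encoder also does not handle characters that matter in a JavaScript string, such as backslash and line terminators. esc_attr() and href() are defined outside this hunk, so what href() can return here needs confirming; a JS-string encoder, or passing the URLs in `data-` attributes that the script reads, would match the context. git_footer_html starts and ends outside the hunk.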
@@ -4625,7 +4641,7 @@ sub git_print_log {
 	# print log
 	my $skip_blank_line = 0;
 	foreach my $line (@$log) {
-		if ($line =~ m/^\s*([A-Z][-A-Za-z]*-[Bb]y|C[Cc]): /) {
+		if ($line =~ m/^\s*([A-Z][-A-Za-z]*-([Bb]y|[Tt]o)|C[Cc]|(Clos|Fix)es): /) {
 			if (! $opts{'-remove_signoff'}) {
 				print "<span class=\"signoff\">" . esc_html($line) . "</span><br/>\n";
 				$skip_blank_line = 1;
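Review bot: The extended trailer pattern adds two capturing groups, `([Bb]y|[Tt]o)` and `(Clos|Fix)es`, that are used only for alternation. Non-capturing groups keep the capture numbering unchanged and state the intent: `m/^\s*([A-Z][-A-Za-z]*-(?:[Bb]y|[Tt]o)|C[Cc]|(?:Clos|Fix)es): /`. Whether `$1` is read later in git_print_log is not visible, since the function starts and ends outside the hunk.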
@@ -5283,7 +5299,7 @@ sub format_ctx_rem_add_lines {
 		#    + c
 		#   +  d
 		#
-		# Otherwise the highlightling would be confusing.
+		# Otherwise the highlighting would be confusing.
 		if ($is_combined) {
 			for (my $i = 0; $i < @$add; $i++) {
 				my $prefix_rem = substr($rem->[$i], 0, $num_parents);
@@ -7077,6 +7093,7 @@ sub git_blob_plain {
 			($sandbox ? 'attachment' : 'inline')
 			. '; filename="' . $save_as . '"');
 	local $/ = undef;
+	local *FCGI::Stream::PRINT = $FCGI_Stream_PRINT_raw;
 	binmode STDOUT, ':raw';
 	print <$fd>;
 	binmode STDOUT, ':utf8'; # as set at the beginning of gitweb.cgi
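Review bot: The added `local *FCGI::Stream::PRINT = $FCGI_Stream_PRINT_raw;` line has no comment saying why it is there, and the same line is added without one in git_snapshot. A one-liner such as `# bypass the UTF-8 encoding PRINT wrapper from configure_as_fcgi(); blob bytes must be written unmodified` would help the next reader. Note also that `local` lasts until the enclosing scope exits, so the following `binmode STDOUT, ':utf8'` restores the layer but not the encoding wrapper. Any text printed later in the same scope under FastCGI would go out unencoded, which is worth checking against the rest of both functions (their bodies extend outside these hunks).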
@@ -7155,8 +7172,8 @@ sub git_blob {
 			print qq! alt="!.esc_attr($file_name).qq!" title="!.esc_attr($file_name).qq!"!;
 		}
 		print qq! src="! .
-		      href(action=>"blob_plain", hash=>$hash,
-		           hash_base=>$hash_base, file_name=>$file_name) .
+		      esc_attr(href(action=>"blob_plain", hash=>$hash,
+		           hash_base=>$hash_base, file_name=>$file_name)) .
 		      qq!" />\n!;
 	} else {
 		my $nr;
@@ -7415,6 +7432,7 @@ sub git_snapshot {
 
 	open my $fd, "-|", $cmd
 		or die_error(500, "Execute git-archive failed");
+	local *FCGI::Stream::PRINT = $FCGI_Stream_PRINT_raw;
 	binmode STDOUT, ':raw';
 	print <$fd>;
 	binmode STDOUT, ':utf8'; # as set at the beginning of gitweb.cgi
@@ -8239,6 +8257,7 @@ sub git_feed {
 	} else {
 		$alt_url = href(-full=>1, action=>"summary");
 	}
+	$alt_url = esc_attr($alt_url);
 	print qq!<?xml version="1.0" encoding="utf-8"?>\n!;
 	if ($format eq 'rss') {
 		print <<XML;
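Review bot: `$alt_url = esc_attr($alt_url);` overwrites the raw URL with its escaped form, so every later use of `$alt_url` in git_feed silently receives markup-encoded text. Escaping at each point of output, or keeping the encoded copy under its own name (`my $alt_url_attr = esc_attr($alt_url);`), makes it obvious which value is safe for which context and avoids double-escaping if another encoder is applied later. The uses of `$alt_url` are mostly outside this hunk, so this is a maintainability point and not a confirmed defect.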
@@ -8276,7 +8295,7 @@ XML
 		      $alt_url . '" />' . "\n" .
 		      '<link rel="self" type="' . $content_type . '" href="' .
 		      $cgi->self_url() . '" />' . "\n" .
-		      "<id>" . href(-full=>1) . "</id>\n" .
+		      "<id>" . esc_url(href(-full=>1)) . "</id>\n" .
 		      # use project owner for feed author
 		      "<author><name>$owner</name></author>\n";
 		if (defined $favicon) {
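Review bot: `$cgi->self_url()` on the `rel="self"` line is still concatenated into an `href` attribute with no escaping, although the neighbouring values were wrapped by this commit. Unless self_url() is known to return markup-safe text, `esc_attr($cgi->self_url())` would bring it in line. The new feed-level `<id>` also uses `esc_url(href(-full=>1))`, whereas the per-entry `<id>` later in this diff uses `esc_html($co_url)`. Using the same encoder for the same element type would be clearer, and esc_url() may change the identifier text where an HTML encoder would not. git_feed starts and ends outside the hunk.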
@@ -8322,7 +8341,7 @@ XML
 			      "<author>" . esc_html($co{'author'}) . "</author>\n" .
 			      "<pubDate>$cd{'rfc2822'}</pubDate>\n" .
 			      "<guid isPermaLink=\"true\">$co_url</guid>\n" .
-			      "<link>$co_url</link>\n" .
+			      "<link>" . esc_html($co_url) . "</link>\n" .
 			      "<description>" . esc_html($co{'title'}) . "</description>\n" .
 			      "<content:encoded>" .
 			      "<![CDATA[\n";
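Review bot: The `<guid isPermaLink="true">$co_url</guid>` line still interpolates `$co_url` unescaped, while the `<link>` line directly below it now goes through `esc_html()`. Both emit the same value as element text, so the guid line should be changed the same way: `"<guid isPermaLink=\"true\">" . esc_html($co_url) . "</guid>\n" .`. How `$co_url` is built is outside the hunk.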
@@ -8344,8 +8363,8 @@ XML
 			}
 			print "</contributor>\n" .
 			      "<published>$cd{'iso-8601'}</published>\n" .
-			      "<link rel=\"alternate\" type=\"text/html\" href=\"$co_url\" />\n" .
-			      "<id>$co_url</id>\n" .
+			      "<link rel=\"alternate\" type=\"text/html\" href=\"" . esc_attr($co_url) . "\" />\n" .
+			      "<id>" . esc_html($co_url) . "</id>\n" .
 			      "<content type=\"xhtml\" xml:base=\"" . esc_url($my_url) . "\">\n" .
 			      "<div xmlns=\"http://www.w3.org/1999/xhtml\">\n";
 		}
@@ -8452,8 +8471,8 @@ XML
 		}
 
 		my $path = esc_html(chop_str($proj{'path'}, 25, 5));
-		my $rss  = href('project' => $proj{'path'}, 'action' => 'rss', -full => 1);
-		my $html = href('project' => $proj{'path'}, 'action' => 'summary', -full => 1);
+		my $rss  = esc_attr(href('project' => $proj{'path'}, 'action' => 'rss', -full => 1));
+		my $html = esc_attr(href('project' => $proj{'path'}, 'action' => 'summary', -full => 1));
 		print "<outline type=\"rss\" text=\"$path\" title=\"$path\" xmlUrl=\"$rss\" htmlUrl=\"$html\"/>\n";
 	}
 	print <<XML;