Changeset - 8d76245daefa
[Not reviewed]
default
0 1 0
Andrew Shadura - 11 years ago 2015-02-11 20:38:12
andrew@shadura.me
feed: urlify and escape the commit description

This prevents HTML injections and also makes URLs clickable.
1 file changed with 1 insertions and 1 deletions:
kallithea/controllers/feed.py
 
@@ -86,49 +86,49 @@ class FeedController(BaseRepoController)
 
                            % st)
 
        if limited_diff:
 
            changes = changes + ['\n ' +
 
                                 _('Changeset was too big and was cut off...')]
 
        return diff_processor, changes
 

	
 
    def __get_desc(self, cs):
 
        desc_msg = [(_('%s committed on %s')
 
                     % (h.person(cs.author), h.fmt_date(cs.date))) + '<br/>']
 
        #branches, tags, bookmarks
 
        if cs.branch:
 
            desc_msg.append('branch: %s<br/>' % cs.branch)
 
        if h.is_hg(c.db_repo_scm_instance):
 
            for book in cs.bookmarks:
 
                desc_msg.append('bookmark: %s<br/>' % book)
 
        for tag in cs.tags:
 
            desc_msg.append('tag: %s<br/>' % tag)
 
        diff_processor, changes = self.__changes(cs)
 
        # rev link
 
        _url = h.canonical_url('changeset_home', repo_name=c.db_repo.repo_name,
 
                   revision=cs.raw_id)
 
        desc_msg.append('changeset: <a href="%s">%s</a>' % (_url, cs.raw_id[:8]))
 

	
 
        desc_msg.append('<pre>')
 
        desc_msg.append(cs.message)
 
        desc_msg.append(h.urlify_text(cs.message))
 
        desc_msg.append('\n')
 
        desc_msg.extend(changes)
 
        if self.include_diff:
 
            desc_msg.append('\n\n')
 
            desc_msg.append(diff_processor.as_raw())
 
        desc_msg.append('</pre>')
 
        return map(safe_unicode, desc_msg)
 

	
 
    def atom(self, repo_name):
 
        """Produce an atom-1.0 feed via feedgenerator module"""
 

	
 
        @cache_region('long_term')
 
        def _get_feed_from_cache(key, kind):
 
            feed = Atom1Feed(
 
                 title=self.title % repo_name,
 
                 link=h.canonical_url('summary_home', repo_name=repo_name),
 
                 description=self.description % repo_name,
 
                 language=self.language,
 
                 ttl=self.ttl
 
            )
 

	
 
            for cs in reversed(list(c.db_repo_scm_instance[-self.feed_nr:])):
 
                feed.add_item(title=self._get_title(cs),
 
                              link=h.canonical_url('changeset_home', repo_name=repo_name,
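Review bot: `__get_desc` still interpolates `cs.branch`, `book` and `tag` into the HTML description unescaped, and the `changes` entries and `diff_processor.as_raw()` are appended inside `<pre>` as they are, so repository-controlled names and diff content can still carry markup into the feed even though the message now goes through `h.urlify_text`. Escape those values where they are interpolated, e.g. `desc_msg.append('branch: %s<br/>' % h.escape(cs.branch))` and likewise for the bookmark and tag lines, assuming the helpers module exposes webhelpers' `escape` as `h.escape`. Whether `h.person()` and `__changes()` already escape their output is not visible in this hunk and should be confirmed before relying on them. A regression test that renders the atom feed for a changeset whose message, branch and tag contain `<` and `&`, and asserts they appear as entities, would keep this from regressing.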