* Jason A. Donenfeld <[email protected]> [2012-10-28]: > On Sat, Oct 27, 2012 at 7:00 PM, Ben Boeckel <[email protected]> wrote: > >> + cgit_print_error(fmt("Authorization failed for repo: '%s' > >> and user: '%s'", > >> + ctx->repo->name, > >> ctx->env.remote_user)); > > XSS.
Would it be enough to use 'html_txt' from html.c: http://git.zx2c4.com/cgit/tree/html.c#n92 to prevent this? V- _______________________________________________ cgit mailing list [email protected] http://hjemli.net/mailman/listinfo/cgit
