The in-project search form needs to duplicate some of the logic of
the href() subroutine, because the parameters need to be encoded
in the form rather than in the URL. However it failed to correctly
append the project PATH_INFO in cases when there is a trailing slash
on gitweb's self-referential URL, and failed to correctly follow
PATH_INFO escaping rules.
This change makes the form action URL consistent with the URL
generated by href().
Signed-off-by: Tony Finch <d...@dotat.at>
---
gitweb/gitweb.perl | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index a02f3e4..05acd73 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -4129,10 +4129,14 @@ sub print_search_form {
} else {
$search_hash = "HEAD";
}
+ # We can't use href() here because we need to encode the
+ # URL parameters into the form, not into the action link.
my $action = $my_uri;
my $use_pathinfo = gitweb_check_feature('pathinfo');
if ($use_pathinfo) {
- $action .= "/".esc_url($project);
+ # See notes about doubled / in href()
+ $action =~ s,/$,,;
+ $action .= "/".esc_path_info($project);
}
print $cgi->start_form(-method => "get", -action => $action) .
"<div class=\"search\">\n" .
--
2.2.1.68.g56d9796
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
