mirror of
https://github.com/facebook/sapling.git
synced 2024-10-09 08:18:15 +03:00
6ca8967a44
Without this, repository paths or names containing e.g. & characters or html tags yielded strange results, possibly allowing cross-site scripting attacks.
38 lines
944 B
Cheetah
38 lines
944 B
Cheetah
{header}
|
|
<title>{repo|escape}: searching for {query|escape}</title>
|
|
</head>
|
|
<body>
|
|
|
|
<div class="buttons">
|
|
<a href="{url|urlescape}log{sessionvars%urlparameter}">changelog</a>
|
|
<a href="{url|urlescape}shortlog{sessionvars%urlparameter}">shortlog</a>
|
|
<a href="{url|urlescape}graph{sessionvars%urlparameter}">graph</a>
|
|
<a href="{url|urlescape}tags{sessionvars%urlparameter}">tags</a>
|
|
<a href="{url|urlescape}branches{sessionvars%urlparameter}">branches</a>
|
|
<a href="{url|urlescape}file/{node|short}{sessionvars%urlparameter}">files</a>
|
|
{archives%archiveentry}
|
|
<a href="{url|urlescape}help{sessionvars%urlparameter}">help</a>
|
|
</div>
|
|
|
|
<h2>searching for {query|escape}</h2>
|
|
|
|
<form>
|
|
{sessionvars%hiddenformentry}
|
|
<p>
|
|
search:
|
|
<input name="rev" type="text" width="30" value="{query|escape}">
|
|
</p>
|
|
</form>
|
|
|
|
{entries}
|
|
|
|
<form>
|
|
{sessionvars%hiddenformentry}
|
|
<p>
|
|
search:
|
|
<input name="rev" type="text" width="30" value="{query|escape}">
|
|
</p>
|
|
</form>
|
|
|
|
{footer}
|