Mercurial Hosting > luan

changeset 1848:6f3f1768fdde default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
html encode dir names
author Franklin Schmidt <fschmidt@gmail.com>
date Thu, 20 Feb 2025 14:38:07 -0700
parents aa008b20d820
children
files src/goodjava/webserver/handlers/DirHandler.java
diffstat 1 files changed, 3 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/goodjava/webserver/handlers/DirHandler.java	Wed Feb 19 14:38:04 2025 -0700
+++ b/src/goodjava/webserver/handlers/DirHandler.java	Thu Feb 20 14:38:07 2025 -0700
@@ -10,6 +10,7 @@
 import java.util.Arrays;
 import java.util.Comparator;
 import java.util.Date;
+import goodjava.html.Html;
 import goodjava.webserver.Handler;
 import goodjava.webserver.Request;
 import goodjava.webserver.Response;
@@ -66,11 +67,12 @@
 				Arrays.sort(a,sorter);
 				for( File child : a ) {
 					String name = child.getName();
+					name = Html.encode(name);
 					boolean isDir = child.isDirectory();
 					if( isDir )
 						name += '/';
 					writer.write( "\t\t\t<tr>\n" );
-					writer.write( "\t\t\t\t<td><a href='"+name+"'>"+name+"</a></td>\n" );
+					writer.write( "\t\t\t\t<td><a href=\""+name+"\">"+name+"</a></td>\n" );
 					writer.write( "\t\t\t\t<td>"+fmt.format(new Date(child.lastModified()))+"</td>\n" );
 					if( !isDir )
 						writer.write( "\t\t\t\t<td align=right>"+child.length()+" bytes</td>\n" );