stas        2004/10/05 15:30:26

  Modified:    lib/Apache Status.pm
               .        Changes
  Log:
  escape HTML in dumped variables by Apache::Status
  Submitted by:   Markus Wichitill <[EMAIL PROTECTED]>
  
  Revision  Changes    Path
  1.30      +13 -1     modperl-2.0/lib/Apache/Status.pm
  
  Index: Status.pm
  ===================================================================
  RCS file: /home/cvs/modperl-2.0/lib/Apache/Status.pm,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -u -r1.29 -r1.30
  --- Status.pm 28 Sep 2004 03:42:39 -0000      1.29
  +++ Status.pm 5 Oct 2004 22:30:26 -0000       1.30
  @@ -363,7 +363,8 @@
       }
       push @retval, "\n</p>\n";
       push @retval, "<pre>",
  -        (map "$_ = " . ($ENV{$_}||'') . "\n", sort keys %ENV), "</pre>";
  +        (map "$_ = " . escape_html($ENV{$_}||'') . "\n",
  +            sort keys %ENV), "</pre>";
   
       [EMAIL PROTECTED];
   }
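Review bot: The key `$_` is still interpolated raw in the added `map`, so only the value half of each `name = value` row is escaped; escaping the whole row, `(map escape_html("$_ = " . ($ENV{$_}||'')) . "\n", sort keys %ENV)`, would cover both. The same gap shows in the second hunk, where the heading `"Data Dump of $name $type"` is built without escaping on the line above the newly escaped `$str`. Where `$name` and `$type` are assigned is outside that hunk, so if they derive from the request they need the same `escape_html()` call before being pushed to `@retval`. Both enclosing subs start outside their hunks.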
  @@ -409,6 +410,7 @@
       no strict 'refs';
       my @retval = "<p>\nData Dump of $name $type\n</p>\n<pre>\n";
       my $str = Data::Dumper->Dump([*$name{$type}], ['*'.$name]);
  +    $str = escape_html($str);
       $str =~ s/= \\/= /; #whack backwack
       push @retval, $str, "\n";
       push @retval, peek_link($r, $q, $name, $type);
  @@ -826,6 +828,16 @@
       push @m, "</table>";
   
       return join "\n", @m, "<hr>", b_package_size_link($r, $q, $package);
  +}
  +
  +sub escape_html {
  +    my $str = shift;
  +
  +    $str =~ s/&/&amp;/g;
  +    $str =~ s/</&lt;/g;
  +    $str =~ s/>/&gt;/g;
  +
  +    return $str;
   }
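Review bot: `escape_html` leaves `"` and `'` untouched, so its output is safe only as element content, such as the `<pre>` blocks it feeds in this commit, and not inside an attribute value. Either add `$str =~ s/"/&quot;/g;` after the `>` substitution, or state the restriction in a comment above the sub, for example `# Escape &, < and > for element content only; not safe for attribute values.` The sub also assumes a defined argument; both call sites here pass one, but a later caller passing undef would trigger uninitialized-value warnings under `use warnings`.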
   
   sub myconfig {
  
  
  
  1.509     +3 -0      modperl-2.0/Changes
  
  Index: Changes
  ===================================================================
  RCS file: /home/cvs/modperl-2.0/Changes,v
  retrieving revision 1.508
  retrieving revision 1.509
  diff -u -u -r1.508 -r1.509
  --- Changes   4 Oct 2004 19:27:37 -0000       1.508
  +++ Changes   5 Oct 2004 22:30:26 -0000       1.509
  @@ -12,6 +12,9 @@
   
   =item 1.99_17-dev
   
  +escape HTML in dumped variables by Apache::Status [Markus Wichitill
  +<[EMAIL PROTECTED]>]
  +
   $r->document_root can now be changed when safe to do so [Gozer]
   
   APR::Bucket->new now requires an APR::BucketAlloc as its first argument.
  
  
  
