Ensure proper escaping of /build/.../contents pages

[?]
Aug 17, 2014, 9:43 PM
KCQ5MRGCAEDQXRLVCICEROWQRQ7CJMKWFUM5VCCOBJUULEQZDXZQC

Dependencies

  • [2] 6KIJX24R Get rid of unnecessary [%- and -%] tags
  • [3] PZL3SZM3 Give every page a consistent title
  • [4] 5DSDXORD hydra: missing plain.tt
  • [5] 5NO7NCKT * Refactoring.
  • [6] GJFYEU3S * Nix now stores logs by default as bzip2, make sure the build page uncompresses before showing.
  • [7] G5ZR3ZVZ hydra: put contents links into html, add links to files from contents page
  • [8] NUIKDEHL * A quick hack to list the contents of various types of files (RPM,
  • [9] YS3AVMLC Remove buildtime and runtime dependency graph. It is useless on normal derivations.
  • [10] OD5FSS5A * Quick hack to allow viewing of dependency graphs (via nix-store -q
  • [*] LBNVQXUB * Build the /build stuff in a separate controller.

Change contents

  • replacement in src/lib/Hydra/Controller/Build.pm at line 297
    [3.604][3.9:242](),[3.9][3.9:242]()
    my $baseuri = $c->uri_for('/build', $c->stash->{build}->id, 'download', $product->productnr);
    $baseuri .= "/".$product->name if $product->name;
    $res =~ s/(\.\/)($relPathRE)/<a href="$baseuri\/$2">$1$2<\/a>/g;
    [3.604]
    [3.729]
    #my $baseuri = $c->uri_for('/build', $c->stash->{build}->id, 'download', $product->productnr);
    #$baseuri .= "/".$product->name if $product->name;
    #$res =~ s/(\.\/)($relPathRE)/<a href="$baseuri\/$2">$1$2<\/a>/g;
  • replacement in src/lib/Hydra/Controller/Build.pm at line 340
    [3.299][3.299:346]()
    $c->stash->{contents} = "<pre>$res</pre>";
    [3.299]
    [3.346]
    $c->stash->{contents} = decode("utf-8", $res);
  • replacement in src/root/plain.tt at line 8
    [3.108][2.6398:6413]()
    [% contents %]
    [3.85]
    [3.131]
    <pre>[% HTML.escape(contents) %]</pre>