From: Nishi <nishi@nishi.boats>
Date: Fri, 30 Aug 2024 05:19:25 +0000 (+0000)
Subject: fix xss
X-Git-Url: https://git.chaotic.ninja/gitweb/nishi/?a=commitdiff_plain;h=25a6a7b5ab714a76fda51e5e5b59ed20883aa2d4;p=repoview.git

fix xss

git-svn-id: file:///raid/svn-personal/repoview/trunk@75 7e8b2a19-8934-dd40-8cb3-db22cdd5a80f
---

diff --git a/CGI/theme/modern.c b/CGI/theme/modern.c
index c6e10bc..16675d2 100644
--- a/CGI/theme/modern.c
+++ b/CGI/theme/modern.c
@@ -83,6 +83,8 @@ char* html_escape(const char* input) {
 			add_data(&r, "&lt;");
 		} else if(input[i] == '>') {
 			add_data(&r, "&gt;");
+		} else if(input[i] == '&') {
+			add_data(&r, "&amp;");
 		} else {
 			cbuf[0] = input[i];
 			add_data(&r, cbuf);