Module: tools Branch: master Commit: b2cdcca7480bc42c49092e5ade20d10b71448da9 URL: https://source.winehq.org/git/tools.git/?a=commit;h=b2cdcca7480bc42c49092e5a... Author: Francois Gouget <fgouget(a)codeweavers.com> Date: Thu Apr 21 15:58:42 2022 +0200 testbot/web: Escape URLs to the user details page. It may contain ampersands which should be escaped in HTML documents. Signed-off-by: Francois Gouget <fgouget(a)codeweavers.com> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> --- testbot/web/admin/UsersList.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testbot/web/admin/UsersList.pl b/testbot/web/admin/UsersList.pl index dcdb811..ec6d282 100644 --- a/testbot/web/admin/UsersList.pl +++ b/testbot/web/admin/UsersList.pl @@ -82,7 +82,7 @@ sub GenerateDataView($$$) { ($Class, $Label) = ('usernone', 'none'); } - my $DetailsLink = $self->GetDetailsLink($Row); + my $DetailsLink = $self->escapeHTML($self->GetDetailsLink($Row)); print "<a href='$DetailsLink'><span class='$Class'>$Label</span></a>"; } else