diff options
| author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-08-28 17:41:47 +0900 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2022-10-07 12:12:08 +0900 |
| commit | a3cb09c7d17f2626ebd6eae774f0425d602ed95b (patch) | |
| tree | adecae701b63e13bf852bd0aead3a832df8ef35a /lib | |
| parent | 8d0b2162a09183eb3d58a5a1d824b4daf16bf3c8 (diff) | |
[ruby/rdoc] Escape file names
https://hackerone.com/reports/1321358
https://github.com/ruby/rdoc/commit/8c07cc4657
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/rdoc/generator/template/darkfish/_sidebar_pages.rhtml | 6 | ||||
| -rw-r--r-- | lib/rdoc/generator/template/darkfish/table_of_contents.rhtml | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/lib/rdoc/generator/template/darkfish/_sidebar_pages.rhtml b/lib/rdoc/generator/template/darkfish/_sidebar_pages.rhtml index 0ed683ca14..3f68f0c0dc 100644 --- a/lib/rdoc/generator/template/darkfish/_sidebar_pages.rhtml +++ b/lib/rdoc/generator/template/darkfish/_sidebar_pages.rhtml @@ -12,18 +12,18 @@ <%- end.each do |n, files| -%> <%- f = files.shift -%> <%- if files.empty? -%> - <li><a href="<%= rel_prefix %>/<%= f.path %>"><%= h f.page_name %></a> + <li><a href="<%= rel_prefix %>/<%= h f.path %>"><%= h f.page_name %></a> <%- next -%> <%- end -%> <li><details<% if dir == n %> open<% end %>><summary><% if n == f.page_name - %><a href="<%= rel_prefix %>/<%= f.path %>"><%= h n %></a><% + %><a href="<%= rel_prefix %>/<%= h f.path %>"><%= h n %></a><% else %><%= h n %><% files.unshift(f) end %></summary> <ul class="link-list"> <%- files.each do |f| -%> - <li><a href="<%= rel_prefix %>/<%= f.path %>"><%= h f.page_name %></a> + <li><a href="<%= rel_prefix %>/<%= h f.path %>"><%= h f.page_name %></a> <%- end -%> </ul></details> <%- end -%> diff --git a/lib/rdoc/generator/template/darkfish/table_of_contents.rhtml b/lib/rdoc/generator/template/darkfish/table_of_contents.rhtml index 303d7016cc..941ff9d630 100644 --- a/lib/rdoc/generator/template/darkfish/table_of_contents.rhtml +++ b/lib/rdoc/generator/template/darkfish/table_of_contents.rhtml @@ -8,14 +8,14 @@ <ul> <%- simple_files.sort.each do |file| -%> <li class="file"> - <a href="<%= file.path %>"><%= h file.page_name %></a> + <a href="<%= h file.path %>"><%= h file.page_name %></a> <% # HACK table_of_contents should not exist on Document table = file.parse(file.comment).table_of_contents unless table.empty? then %> <ul> <%- table.each do |heading| -%> - <li><a href="<%= file.path %>#<%= heading.aref %>"><%= heading.plain_html %></a> + <li><a href="<%= h file.path %>#<%= heading.aref %>"><%= heading.plain_html %></a> <%- end -%> </ul> <%- end -%> |