Philip,
I am sorry, you were correct. The header that these functions refer to
appear to be DAV authoring headers and yes the filename appears in these
elements and the & is not escaped in the output.
Here is a diff that fixes the problem.
I did a make check and found no more failures than were in revision 3238
which this diff is based on.
A test to verify this problem:
svnadmin create test
svn co http://localhost/svn/test test
cd test
touch test\&test
svn add test\&test
svn commit -m "Adding the filname with the & in the name."
cd ..
rm -rf test
svn co http://localhost/svn/test test
I tried to make the style consistant but I may have missed something.
Please feel free to supply me with any constructive critisim to improve
my efforts.
Index: repos.c
===================================================================
--- repos.c
+++ repos.c 2002-09-26 22:27:44.000000000 -0500
@@ -1597,6 +1597,7 @@
{
svn_error_t *serr;
svn_revnum_t created_rev;
+ const char *quoted_path;
/* if the resource doesn't exist, isn't a simple REGULAR or VERSION
resource, or it is a Baseline, then it has no etag. */
@@ -1616,9 +1617,12 @@
/* ### what to do? */
return "";
}
+
+ quoted_path = apr_xml_quote_string(resource->pool,
+ resource->info->repos_path, 1);
return apr_psprintf(resource->pool, "\"%" SVN_REVNUM_T_FMT "/%s\"",
- created_rev, resource->info->repos_path);
+ created_rev, quoted_path);
}
static dav_error * dav_svn_set_headers(request_rec *r,
Clark
On Thu, Sep 26, 2002 at 07:05:00PM -0500, Clark Rawlins wrote:
> On Thu, Sep 26, 2002 at 11:12:32PM +0100, Philip Martin wrote:
> > Clark Rawlins <clark@bit63.org> writes:
> > > After a brief look at the code in mod_dav_svn it looks like all
> > > occurances of <D:href>path</D:href> use apr_xml_quote_string to quote
> > > the string placed in path.
> >
> > But mod_dav_svn/repos.c:dav_svn_getetag doesn't use
> > apr_xml_quote_string on resource->info->repos_path.
> >
>
> True, but it looks like dav_svn_getetag is only used for HTTP headers
> (at least in the mod_dav_svn code). Can any mod_dav experts tell us
> if the exported function pointer for dav_svn_set_headers or
> dav_svn_getetag are used to generate any xml?
>
> Clark
>
> --
> "They that can give up essential liberty to obtain a little temporary safety
> deserve neither liberty nor safety."
> - Benjamin Franklin, Historical Review of Pennsylvania, 1759.
--
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
- application/pgp-signature attachment: stored
Received on Fri Sep 27 06:33:00 2002