diff pylons_app/controllers/files.py @ 275:a83e86e3f580

Fixed a bug where data in the raw diff view was displayed without HTML escaping.
author Marcin Kuzminski <marcin@python-works.com>
date Tue, 08 Jun 2010 23:02:24 +0200
parents c3661cf28bec
children 2d61aa00e855
--- a/pylons_app/controllers/files.py	Tue Jun 08 19:32:39 2010 +0200
+++ b/pylons_app/controllers/files.py	Tue Jun 08 23:02:24 2010 +0200
@@ -26,6 +26,7 @@
 from pylons import request, response, session, tmpl_context as c, url
 from pylons_app.lib.auth import LoginRequired
 from pylons_app.lib.base import BaseController, render
+import pylons_app.lib.helpers as h 
 from pylons_app.model.hg_model import HgModel
 from vcs.exceptions import RepositoryError, ChangesetError
 from vcs.utils import diffs as differ
@@ -157,7 +158,7 @@
             return diff.raw_diff()
         
         elif action == 'raw':
-            c.cur_diff = '<pre class="raw">%s</pre>' % diff.raw_diff()
+            c.cur_diff = '<pre class="raw">%s</pre>' % h.escape(diff.raw_diff())
         elif action == 'diff':
             c.cur_diff = diff.as_html()
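Review bot: The branch at the top of this hunk still does `return diff.raw_diff()` with no escaping, which is only safe if that response is served with a non-HTML content type. The lines that set up that response sit above the hunk, so this should be confirmed there. On the fixed `raw` branch the markup is assembled in the controller, so the template has to emit `c.cur_diff` without escaping it a second time. A short comment above the new line would keep a later edit from dropping the call: `# raw_diff() is repository-controlled text; escape it before embedding in HTML`. The if/elif chain starts and ends outside the hunk.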