Git Repo Viewer
git.user254.kr/gitiles/e16e48635d3500684f6510e8852035b5eb982c01^!/.
commit
e16e48635d3500684f6510e8852035b5eb982c01
[log] [tgz]
author
Dave Borowitz <[email protected]>
Thu Jun 26 12:23:18 2014 -0700
committer
Dave Borowitz <[email protected]>
Thu Jun 26 12:23:18 2014 -0700
tree
08ceae929726af2f0d4e54dc16f92c047e01263c
parent
11bbead9f668f56d505e23f8afe0d8cb88df48bb [diff]
Disable contextual autoescaping of Soy templates

Contextual autoescaping is considered deprecated by the Soy team, as
it makes it too easy to turn off autoescaping. Instead, use the new
"strict" mode, which disallows directives like |noAutoescape and |id.
This is safe for us as we weren't using them in any meaningful way
anyway.

Change-Id: I687e345c90aa38af6b0b936b8b5b5e5fe86f4ed8

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/BlameDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/BlameDetail.soy
index af222f7..124ed5a 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/BlameDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/BlameDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detail page showing blame info for a file.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
index a8df645..5b2950d 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Common header for Gitiles.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/DiffDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/DiffDetail.soy
index 5222fa0..faa5c01 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/DiffDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/DiffDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detail page showing diffs for a single commit.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/HostIndex.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/HostIndex.soy
index 07da395..e0ed398 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/HostIndex.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/HostIndex.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * HTML page for /.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/LogDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/LogDetail.soy
index af5aed8..71ac795 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/LogDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/LogDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detail page showing a shortlog for a commit.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/ObjectDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/ObjectDetail.soy
index badf0cb..b96a732 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/ObjectDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/ObjectDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detailed listing of a commit.
@@ -319,7 +319,7 @@
  *     url: optional URL that should be linked to from the part.
  */
 {template .message_ private="true"}
-<pre class="{$className|id}">
+<pre class="{$className}">
   {foreach $part in $message}
     {if $part.url}<a href="{$part.url}">{$part.text}</a>{else}{$part.text}{/if}
   {/foreach}

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/PathDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/PathDetail.soy
index 8471c6a..d2f8b3a 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/PathDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/PathDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detail page for a path within a tree.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RefList.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RefList.soy
index e960b54..e42ee7e 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RefList.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RefList.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 
 /**

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RepositoryIndex.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RepositoryIndex.soy
index cdd5005..10414a5 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RepositoryIndex.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RepositoryIndex.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Index page for a repository.

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RevisionDetail.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RevisionDetail.soy
index 7a72209..2bc335d 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RevisionDetail.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/RevisionDetail.soy

@@ -11,7 +11,7 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-{namespace gitiles autoescape="contextual"}
+{namespace gitiles autoescape="strict"}
 
 /**
  * Detail page about a single revision.