~edwargix/git.sr.ht

eec1d963a395754b695dc7fdcbe0e53861bea16e — Nolan Prescott 3 years ago 591673f 
Hash branch name in HTML attributes

As reported on sr.ht-discuss:
> The "Prepare a patchset" UI shows an empty list of commits on
> branches that include a slash inside the name

The branch name is used to define CSS selectors inside a style block
on the send-email template and branch names may contain invalid CSS
identifier values. Without escaping the browser does not render these
specific styles, leaving them in the state of `display:none` as
defined on `.event-list.commit-list`.
patch browse .tar.gz 
2 files changed, 17 insertions(+), 8 deletions(-)

M gitsrht/blueprints/email.py
M gitsrht/templates/send-email.html

M gitsrht/blueprints/email.py => gitsrht/blueprints/email.py +6 -0
@@ 6,6 6,7 @@ import re
import smtplib
import subprocess
import sys
import hashlib
from email.utils import make_msgid, parseaddr
from email.message import EmailMessage
from flask import Blueprint, render_template, abort, request, url_for, session


@@ 347,3 348,8 @@ def send_email_send(owner, repo):
        session["message"] = "Your patchset has been sent."
        return redirect(url_for('repo.summary',
            owner=repo.owner, repo=repo.name))

@mail.app_template_filter('hash')
def to_hash(value):
    hashed_value = hashlib.sha256(value.encode())
    return hashed_value.hexdigest()


M gitsrht/templates/send-email.html => gitsrht/templates/send-email.html +11 -8
@@ 37,14 37,15 @@
  <legend>Select a branch</legend>

  {% for branch in branches[:2] %}
  {%- set branch_hash = branch[0] | hash -%}
  <input
    type="radio"
    name="branch"
    value="{{branch[0]}}"
    id="branch-{{branch[0]}}"
    id="branch-{{branch_hash}}"
    {% if loop.first %}checked{% endif %}
    />
  <label for="branch-{{branch[0]}}">
  <label for="branch-{{branch_hash}}">
    {{branch[0]}}
    <span class="text-muted">
      (active {{ commit_time(branch[2]) | date }})


@@ 76,7 77,8 @@
    You'll be able to trim commits off the top in the next step.
  </small>
  {% for branch in branches[:2] %}
  <div class="event-list commit-list reverse commits-{{branch[0]}}">
  {%- set branch_hash = branch[0] | hash -%}
  <div class="event-list commit-list reverse commits-{{branch_hash}}">
    {% if commits[branch[0]][-1].parents %}
    {% set show_commits = commits[branch[0]][:-1] %}
    {% else %}


@@ 86,15 88,15 @@
    <input
      type="radio"
      name="commit-{{branch[0]}}"
      id="commit-{{branch[0]}}-{{c.id.hex}}"
      id="commit-{{branch_hash}}-{{c.id.hex}}"
      value="{{c.id.hex}}"
      {% if loop.last %}checked{% endif %} />
    <label class="event" for="commit-{{branch[0]}}-{{c.id.hex}}">
    <label class="event" for="commit-{{branch_hash}}-{{c.id.hex}}">
      {{ utils.commit_event(repo, c, False, target_blank=True) }}
    </label>
    {% endfor %}
  </div>
  <div class="pull-right form-controls form-controls-{{branch[0]}}">
  <div class="pull-right form-controls form-controls-{{branch_hash}}">
    {% if commits[branch[0]][-1].parents and (len(commits[branch[0]])-1) < 32 %}
    {# TODO: suggest request-pull for >32 commits (or less, tbh) #}
    <a


@@ 122,11 124,12 @@
  }

  {% for branch in branches[:2] %}
  #branch-{{branch[0]}}:checked ~ .commits-{{branch[0]}} {
  {%- set branch_hash = branch[0] | hash -%}
  #branch-{{branch_hash}}:checked ~ .commits-{{branch_hash}} {
    display: flex;
  }

  #branch-{{branch[0]}}:checked ~ .form-controls-{{branch[0]}} {
  #branch-{{branch_hash}}:checked ~ .form-controls-{{branch_hash}} {
    display: block;
  }
  {% endfor %}