From b76107bb240c54ba4d4c8e1d2badd412e5c473fa Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:23:50 -0500
Subject: [PATCH] Whitelist the "target" link attribute in the XSS filter
---
src/main/java/com/gitblit/wicket/panels/DiffStatPanel.java | 18 ++++++++++++------
1 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/main/java/com/gitblit/wicket/panels/DiffStatPanel.java b/src/main/java/com/gitblit/wicket/panels/DiffStatPanel.java
index e1f0af9..30a8902 100644
--- a/src/main/java/com/gitblit/wicket/panels/DiffStatPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/DiffStatPanel.java
@@ -26,7 +26,7 @@
/**
* Display a diffstat.
- *
+ *
* @author James Moger
*
*/
@@ -62,12 +62,18 @@
WicketUtils.setHtmlTooltip(this, diffStat);
final NormalizedDiffStat n = DiffUtils.normalizeDiffStat(5, insertions, deletions);
-
- final String square = "■";
+
+ final String segment;
+ if (inline) {
+ segment = "●";
+ } else {
+ segment = "■";
+ }
+
add(new Label("total", String.valueOf(total)));
- add(new Label("insertions", timesRepeat(n.insertions, square)).setEscapeModelStrings(false).setVisible(n.insertions > 0));
- add(new Label("deletions", timesRepeat(n.deletions, square)).setEscapeModelStrings(false).setVisible(n.deletions > 0));
- add(new Label("blank", timesRepeat(n.blanks, square)).setEscapeModelStrings(false).setVisible(n.blanks > 0));
+ add(new Label("insertions", timesRepeat(n.insertions, segment)).setEscapeModelStrings(false).setVisible(n.insertions > 0));
+ add(new Label("deletions", timesRepeat(n.deletions, segment)).setEscapeModelStrings(false).setVisible(n.deletions > 0));
+ add(new Label("blank", timesRepeat(n.blanks, segment)).setEscapeModelStrings(false).setVisible(n.blanks > 0));
if (inline) {
WicketUtils.setCssClass(this, "diffstat-inline");
--
Gitblit v1.9.1