From bca8c5c52554b6aac65b8e2300675ae8f6af1d6d Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 15 May 2013 17:21:03 -0400
Subject: [PATCH] Fix message escaping when combined with regex substitutions (issue 242)

---
 src/main/java/com/gitblit/wicket/pages/CommitPage.html     |    2 +-
 src/main/java/com/gitblit/wicket/pages/RepositoryPage.java |    4 ++--
 releases.moxie                                             |    1 +
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/releases.moxie b/releases.moxie
index fa6e8b6..ea547f5 100644
--- a/releases.moxie
+++ b/releases.moxie
@@ -26,6 +26,7 @@
 	 - Fixed extracting Groovy scripts on Express installs (issue 220)
 	 - Ensure Redmine url is properly formatted (issue 223)
 	 - Use standard ServletRequestWrapper instead of custom wrapper (issue 224)
+	 - Switch commit message back to a pre and ensure that it is properly escaped when combined with commit message regex substitution (issue 242)
 
 	changes:
 	 - Improved error logging for servlet containers which provide a null contextFolder (issue 199)
diff --git a/src/main/java/com/gitblit/wicket/pages/CommitPage.html b/src/main/java/com/gitblit/wicket/pages/CommitPage.html
index 79a038c..d63a393 100644
--- a/src/main/java/com/gitblit/wicket/pages/CommitPage.html
+++ b/src/main/java/com/gitblit/wicket/pages/CommitPage.html
@@ -49,7 +49,7 @@
 	</div>
 	
 	<!-- full message -->
-	<div class="commit_message" wicket:id="fullMessage">[commit message]</div>
+	<pre class="commit_message" wicket:id="fullMessage">[commit message]</pre>
 
 	<!--  git notes -->
 	<table class="gitnotes">
diff --git a/src/main/java/com/gitblit/wicket/pages/RepositoryPage.java b/src/main/java/com/gitblit/wicket/pages/RepositoryPage.java
index 9a806f4..8314617 100644
--- a/src/main/java/com/gitblit/wicket/pages/RepositoryPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/RepositoryPage.java
@@ -431,9 +431,9 @@
 	}
 
 	protected void addFullText(String wicketId, String text, boolean substituteRegex) {
-		String html = StringUtils.escapeForHtml(text, true);
+		String html = StringUtils.escapeForHtml(text, false);
 		if (substituteRegex) {
-			html = GitBlit.self().processCommitMessage(repositoryName, text);
+			html = GitBlit.self().processCommitMessage(repositoryName, html);
 		} else {
 			html = StringUtils.breakLinesForHtml(html);
 		}

--
Gitblit v1.9.1