Commit Briefs
gotwebd: fix leak in gotweb_init_querystring in error path
if strdup fails we fail to free the querystring Found by clang' scan-build.
gotwebd: add missing fcgi_printf return check
dead store found by clang' scan-build.
gotwebd: fix assets URLs
In 95a4a5a1e8d0952ee0d2523dc31df7170d80e0b3 I forgot to fix the links for the favicons and the web manifest.
fix regression in gotweb_free_repo_tag(): free(...): modified chunk-pointer
problem introduced in commit 625e5896fc9ecf87ccfc92ad2a65cd3be58f73c0
gotwebd: free all allocated fields of repo_tag
got_get_repo_tags needs some tweaking to how tag_commit is allocated too. ok stsp@
gotwebd: fix possible leaks when handling errors
all very unlikely. part of a bigger diff that's ok stsp@
gotwebd: minor tweaks
drop: - a tautological s[strlen(s)] == '\0' - a few duplicates checks - a lone if (error) when it's always NULL - an extra NULL check part of a bigger diff that's ok stsp@
gotwebd: refactor gotweb_load_got_path
- don't special case ".got": if it's a work-tree gotwebd will just fail soon enough. Suggested by stsp@ - avoid an strdup. - drop `opened' to make it easier to follow what's going on. ok stsp@
gotwebd: use SCRIPT_NAME to derive URLs
This makes gotwebd use SCRIPT_NAME instead of the DOCUMENT_ROOT fastcgi param to generate the links to the assets and changes some links so every page is consistently linked with a relative URL. It allows to drop the `root "/"' in the location for fastcgi and, as a bonus, also makes possible to run gotwebd on non "/" paths. ok stsp@
gotwebd: add CSP policy
ok tracey@
gotwebd: fix for possible NULL beign passed to fcgi_printf
reported by and ok tracey@
gotwebd: make sure to escape possibly unsafe strings
this fixes only the HTML escaping of strings, the urlencode is still missig. while here also plug a memory leak in gotweb_render_branches and drop some needless ternary operators. ok tracey@
gotwebd: minor tweaks to the generated HTML
spotted by validator.w3.org: - use target="_blank" instead of `_sotd' - drop `alt' attributes in `a' tags This fixes all the errors reported; only a warning suggesting to add a `lang' attribute on the <html> tag remains.
gotwebd: add fcgi_printf
instead of fcgi_gen_response which outputs only a fixed strings provide a printf-like fcgi_printf: it greatly simplifies the generation of the HTML pages. While here also (probably) fix some HTML errors: the output was verified with the W3C validator and it's correct (in the sense that the tags are properly closed, there are still some other things the validator complains about.) ok/encouragement baseprime@, ok jamsek Thanks for reading such a boring diff!
gotwebd: fix double free in gotweb_process_request
don't free the querystring, it's already done later by fcgi_celanup_request. ok tracey@
gotwebd: switch some HTML IDs to classes
HTML IDs are meant to be unique across the page. While here fix two small errors in the generated HTML (one missing closing div and one extra.) ok tracey@