You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by David Robinson <dr...@ast.cam.ac.uk> on 1995/12/13 15:22:00 UTC

Escaping html

Apache never escapes & < and > in any html that it outputs. This causes
problems with these characters in error messages, directory listings
and redirection anchors (when a #exec cgi returns a redirect).
The patch fixes these.

62.escape_html.patch:
Subject: Escape active characters in html output
Affects: httpd.h, util.c, mod_dir.c, mod_include.c, http_protocol.c
ChangeLog: Escape active characters '<', '>' and '&' in html output in
           directory listings, error messages and redirection links.

 David.