Escape project names before creating pathinfo URLs
[gitweb.git] / gitweb / gitweb.perl
index 4abd7ac1adae1bb166d239e5efe75bebaf8110d7..12843a4846563842aef8f0311096794ad70011c3 100755 (executable)
@@ -628,7 +628,7 @@ (%)
        my ($use_pathinfo) = gitweb_check_feature('pathinfo');
        if ($use_pathinfo) {
                # use PATH_INFO for project name
-               $href .= "/$params{'project'}" if defined $params{'project'};
+               $href .= "/".esc_url($params{'project'}) if defined $params{'project'};
                delete $params{'project'};
 
                # Summary just uses the project path URL
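Review bot: `esc_url()` is defined outside this hunk, so it is worth confirming that its escaping rules suit a path segment and not only a whole URL or query string. If it leaves `?`, `&`, `=` or `;` unescaped, or encodes a space as `+`, a project name containing those characters would still be cut at the `?` or resolve to a different path once appended to `$href` here. The same applies to `$action .= "/".esc_url($project);` in the git_header_html hunk below. If that turns out to be the case, a path-specific escaper that percent-encodes `?` and does not turn spaces into `+` would fit both call sites, with a comment such as `# escape project name for use as a PATH_INFO segment` to record the intent. The enclosing sub starts and ends outside this hunk.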
@@ -2570,7 +2570,7 @@ sub git_header_html {
                my $action = $my_uri;
                my ($use_pathinfo) = gitweb_check_feature('pathinfo');
                if ($use_pathinfo) {
-                       $action .= "/$project";
+                       $action .= "/".esc_url($project);
                } else {
                        $cgi->param("p", $project);
                }