diff -up arora-0.11.0/src/network/networkaccessmanager.cpp.fake-certificate-issuer arora-0.11.0/src/network/networkaccessmanager.cpp
--- arora-0.11.0/src/network/networkaccessmanager.cpp.fake-certificate-issuer 2010-09-27 04:42:17.000000000 +0200
+++ arora-0.11.0/src/network/networkaccessmanager.cpp 2011-10-20 16:22:39.119469071 +0200
@@ -249,12 +249,35 @@ void NetworkAccessManager::proxyAuthenti
}
}
+// TODO (QT5): use QString::htmlEscape or whatever https://qt.gitorious.org/qt/qtbase/merge_requests/56
+// ends up with.
+// original author: David Faure
+static QString htmlEscape(const QString &plain)
+{
+ QString rich;
+ rich.reserve(int(plain.length() * 1.1));
+ for (int i = 0; i < plain.length(); ++i) {
+ if (plain.at(i) == QLatin1Char('<'))
+ rich += QLatin1String("<");
+ else if (plain.at(i) == QLatin1Char('>'))
+ rich += QLatin1String(">");
+ else if (plain.at(i) == QLatin1Char('&'))
+ rich += QLatin1String("&");
+ else if (plain.at(i) == QLatin1Char('"'))
+ rich += QLatin1String(""");
+ else
+ rich += plain.at(i);
+ }
+ rich.squeeze();
+ return rich;
+}
+
#ifndef QT_NO_OPENSSL
QString NetworkAccessManager::certToFormattedString(QSslCertificate cert)
{
QStringList message;
message << cert.subjectInfo(QSslCertificate::CommonName);
- message << tr("Issuer: %1").arg(cert.issuerInfo(QSslCertificate::CommonName));
+ message << tr("Issuer: %1").arg(htmlEscape(cert.issuerInfo(QSslCertificate::CommonName)));
message << tr("Not valid before: %1").arg(cert.effectiveDate().toString());
message << tr("Valid until: %1").arg(cert.expiryDate().toString());