$NetBSD: patch-ac,v 1.1 2008/07/13 11:15:27 tonnerre Exp $

--- diff.php.orig	2004-08-26 10:29:32.000000000 +0200
+++ diff.php
@@ -59,9 +59,9 @@ else
 
 $prevrev = @$history[1]["rev"];
 
-$vars["repname"] = $rep->name;
+$vars["repname"] = htmlentities($rep->name, ENT_QUOTES, 'UTF-8');
 $vars["rev"] = $rev;
-$vars["path"] = $ppath;
+$vars["path"] = htmlentities($ppath, ENT_QUOTES, 'UTF-8');
 $vars["prevrev"] = $prevrev;
 
 $vars["rev1"] = $history[0]["rev"];
