# HG changeset patch
# User Marcin Kuzminski <marcin@python-works.com>
# Date 1372759474 -7200
# Node ID 0e102314733447b7f92b692f319a09a3f5f02cc8
# Parent  c7e656e96c5dc12d0ebb80b99a76ad7909c3b1d0
Use safe_str on flash messages.

diff -r c7e656e96c5d -r 0e1023147334 rhodecode/controllers/changelog.py
--- a/rhodecode/controllers/changelog.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/changelog.py	Tue Jul 02 12:04:34 2013 +0200
@@ -39,7 +39,7 @@
 from rhodecode.lib.graphmod import _colored, _dagwalker
 from rhodecode.lib.vcs.exceptions import RepositoryError, ChangesetDoesNotExistError,\
     ChangesetError, NodeDoesNotExistError, EmptyRepositoryError
-from rhodecode.lib.utils2 import safe_int
+from rhodecode.lib.utils2 import safe_int, safe_str
 
 
 log = logging.getLogger(__name__)
@@ -91,7 +91,7 @@
 
         except RepositoryError, e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             if not partial:
                 redirect(h.url('changelog_home', repo_name=repo.repo_name))
             raise HTTPBadRequest()
@@ -158,7 +158,7 @@
                         cs = self.__get_cs_or_redirect(revision, repo_name)
                         collection = cs.get_file_history(f_path)
                     except RepositoryError, e:
-                        h.flash(str(e), category='warning')
+                        h.flash(safe_str(e), category='warning')
                         redirect(h.url('changelog_home', repo_name=repo_name))
                 collection = list(reversed(collection))
             else:
@@ -173,11 +173,11 @@
             c.comments = c.rhodecode_db_repo.get_comments(page_revisions)
             c.statuses = c.rhodecode_db_repo.statuses(page_revisions)
         except (EmptyRepositoryError), e:
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             return redirect(url('summary_home', repo_name=c.repo_name))
         except (RepositoryError, ChangesetDoesNotExistError, Exception), e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             return redirect(url('changelog_home', repo_name=c.repo_name))
 
         c.branch_name = branch_name
diff -r c7e656e96c5d -r 0e1023147334 rhodecode/controllers/changeset.py
--- a/rhodecode/controllers/changeset.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/changeset.py	Tue Jul 02 12:04:34 2013 +0200
@@ -51,7 +51,7 @@
 from rhodecode.lib.diffs import LimitedDiffContainer
 from rhodecode.lib.exceptions import StatusChangeOnClosedPullRequestError
 from rhodecode.lib.vcs.backends.base import EmptyChangeset
-from rhodecode.lib.utils2 import safe_unicode
+from rhodecode.lib.utils2 import safe_unicode, safe_str
 
 log = logging.getLogger(__name__)
 
@@ -201,7 +201,7 @@
 
         except (RepositoryError, ChangesetDoesNotExistError, Exception), e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         c.changes = OrderedDict()
diff -r c7e656e96c5d -r 0e1023147334 rhodecode/controllers/compare.py
--- a/rhodecode/controllers/compare.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/compare.py	Tue Jul 02 12:04:34 2013 +0200
@@ -28,7 +28,7 @@
 import traceback
 import re
 
-from webob.exc import HTTPNotFound
+from webob.exc import HTTPNotFound, HTTPBadRequest
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
@@ -40,9 +40,8 @@
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
 from rhodecode.lib import diffs
-
+from rhodecode.lib.utils2 import safe_str
 from rhodecode.model.db import Repository
-from webob.exc import HTTPBadRequest
 from rhodecode.lib.diffs import LimitedDiffContainer
 
 
@@ -91,7 +90,7 @@
 
         except RepositoryError, e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             if not partial:
                 redirect(h.url('summary_home', repo_name=repo.repo_name))
             raise HTTPBadRequest()
diff -r c7e656e96c5d -r 0e1023147334 rhodecode/controllers/files.py
--- a/rhodecode/controllers/files.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/files.py	Tue Jul 02 12:04:34 2013 +0200
@@ -92,7 +92,7 @@
             redirect(h.url('summary_home', repo_name=repo_name))
 
         except RepositoryError, e:  # including ChangesetDoesNotExistError
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
     def __get_filenode_or_redirect(self, repo_name, cs, path):
@@ -110,7 +110,7 @@
             if file_node.is_dir():
                 raise RepositoryError('given path is a directory')
         except RepositoryError, e:
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         return file_node
@@ -175,7 +175,7 @@
             else:
                 c.authors = c.file_history = []
         except RepositoryError, e:
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         if request.environ.get('HTTP_X_PARTIAL_XHR'):