]> source.dussan.org Git - nextcloud-server.git/commit
projects / nextcloud-server.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fb75e2d) | patch
fix(core): Do not use `v-html` for translation output
authorFerdinand Thiessen <opensource@fthiessen.de>
Mon, 18 Nov 2024 13:31:05 +0000 (14:31 +0100)
committernextcloud-command <nextcloud-command@users.noreply.github.com>
Tue, 19 Nov 2024 09:35:23 +0000 (09:35 +0000)
commit52769a47ed378d914ce2d6a555536a7d6adc26b1
treefd6393d7287c0df30135c1d2ab16a5eb4001be84tree | snapshot
parentfb75e2de78c1b7c24b19f51464d60d59c681f66ecommit | diff
fix(core): Do not use `v-html` for translation output

The content that can be renderered does *not* include HTML (see
`recommended` object).
But `v-html` was used, this is potentially dangerous, even though we
sanitize the translation values, so no urgent harm but better safe than
sorry.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
core/src/components/setup/RecommendedApps.vue diff | blob | history
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server