source.dussan.org Git - gitea.git/commit

]> source.dussan.org Git - gitea.git/commit

author	techknowlogick <hello@techknowlogick.com>
	Fri, 21 Dec 2018 14:05:47 +0000 (09:05 -0500)
committer	GitHub <noreply@github.com>
	Fri, 21 Dec 2018 14:05:47 +0000 (09:05 -0500)
commit	af4626a2700aa81ecf4fcf7c81717f6715513526
tree	ea83a1a1c02f50fd205d7a4ee82ad2a05910e354	tree \| snapshot
parent	21c70e1ed27420646d0d85f044facc8c84be3d5f	commit \| diff

Immediate fix to htmlEncode user added text (#5575)

There are likely problems remaining with the way that initCommentForm
is creating its elements. I suspect that a malformed avatar url could
be used maliciously.

public/js/index.js

diff | blob | history

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom