]> source.dussan.org Git - sonarqube.git/commitdiff
projects / sonarqube.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b5d4dbc)
Fix flash vulneribility
authorStas Vilchik <vilchiks@gmail.com>
Thu, 20 Nov 2014 10:36:45 +0000 (11:36 +0100)
committerStas Vilchik <vilchiks@gmail.com>
Thu, 20 Nov 2014 10:36:45 +0000 (11:36 +0100)
server/sonar-web/src/main/webapp/WEB-INF/app/views/layouts/_footer.html.erb patch | blob | history

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/layouts/_footer.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/layouts/_footer.html.erb
index e4985adb84323d96d92c337c069e21d0ef03e31b..687ca6b6db89b2373bc6c81f0660bb31d705c6f6 100644 (file)
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/layouts/_footer.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/layouts/_footer.html.erb
@@ -10,8 +10,8 @@
 
 
 </body><script>
-<% if flash[:notice] %>info('<%=escape_javascript(flash[:notice])-%>');<% end %>
-<% if flash[:warning] %>warning('<%=escape_javascript(flash[:warning])-%>');<% end %>
-<% if flash[:error] %>error('<%=escape_javascript(flash[:error])-%>');<% end %>
+<% if flash[:notice] %>info('<%= h escape_javascript(flash[:notice])-%>');<% end %>
+<% if flash[:warning] %>warning('<%= h escape_javascript(flash[:warning])-%>');<% end %>
+<% if flash[:error] %>error('<%= h escape_javascript(flash[:error])-%>');<% end %>
 </script>
 </html>
Continuous Inspection: https://github.com/SonarSource/sonarqube