aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBo-Yi Wu <appleboy.tw@gmail.com>2017-04-06 09:31:31 +0800
committerLunny Xiao <xiaolunwen@gmail.com>2017-04-05 18:31:31 -0700
commit0cee52e0d3e171bb6bba63aa12479ea5b2b35561 (patch)
tree3c3993c06417445a15eb9ec9614adc5359b3c6d0
parente7493e953f7cc32569b08f48a46e4cf0bacbf74e (diff)
downloadgitea-0cee52e0d3e171bb6bba63aa12479ea5b2b35561.tar.gz
gitea-0cee52e0d3e171bb6bba63aa12479ea5b2b35561.zip
fix: remove `str2html` from org full name (#1360)
* fix: remove str2html for security issue. * fix: update
-rw-r--r--templates/org/header.tmpl2
-rw-r--r--templates/org/home.tmpl2
-rw-r--r--templates/org/member/invite.tmpl2
-rw-r--r--templates/org/settings/options.tmpl2
-rw-r--r--templates/org/team/members.tmpl2
5 files changed, 5 insertions, 5 deletions
diff --git a/templates/org/header.tmpl b/templates/org/header.tmpl
index d00b7c28c4..0192ad7d82 100644
--- a/templates/org/header.tmpl
+++ b/templates/org/header.tmpl
@@ -4,7 +4,7 @@
<div class="column">
<div class="ui header">
<img class="ui image" src="{{.RelAvatarLink}}?s=100">
- <span class="text thin grey"><a href="{{.HomeLink}}">{{.DisplayName | Str2html}}</a></span>
+ <span class="text thin grey"><a href="{{.HomeLink}}">{{.DisplayName}}</a></span>
<div class="ui right">
<div class="ui menu">
diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl
index e62e684552..9b8b311666 100644
--- a/templates/org/home.tmpl
+++ b/templates/org/home.tmpl
@@ -6,7 +6,7 @@
<img class="ui left" id="org-avatar" src="{{.Org.RelAvatarLink}}?s=140"/>
<div id="org-info">
<div class="ui header">
- {{.Org.DisplayName | Str2html}}
+ {{.Org.DisplayName}}
{{if .IsOrganizationOwner}}<a class="text grey" href="{{.OrgLink}}/settings"><span class="octicon octicon-gear"></span></a>{{end}}
</div>
{{if .Org.Description}}<p class="desc">{{.Org.Description}}</p>{{end}}
diff --git a/templates/org/member/invite.tmpl b/templates/org/member/invite.tmpl
index c1c2d88f2a..29e7928f0c 100644
--- a/templates/org/member/invite.tmpl
+++ b/templates/org/member/invite.tmpl
@@ -4,7 +4,7 @@
<div class="ui container">
<div id="invite-box">
{{template "base/alert" .}}
- <h2>{{.i18n.Tr "org.members.invite_desc" .Org.DisplayName | Str2html}}</h2>
+ <h2>{{.i18n.Tr "org.members.invite_desc" .Org.DisplayName}}</h2>
<form class="ui form" action="{{.Link}}" method="post">
{{.CsrfTokenHtml}}
<div class="inline field ui left">
diff --git a/templates/org/settings/options.tmpl b/templates/org/settings/options.tmpl
index 72c191e54d..8041365434 100644
--- a/templates/org/settings/options.tmpl
+++ b/templates/org/settings/options.tmpl
@@ -18,7 +18,7 @@
</div>
<div class="field {{if .Err_FullName}}error{{end}}">
<label for="full_name">{{.i18n.Tr "org.org_full_name_holder"}}</label>
- <input id="full_name" name="full_name" value="{{.Org.FullName | Str2html}}">
+ <input id="full_name" name="full_name" value="{{.Org.FullName}}">
</div>
<div class="field {{if .Err_Description}}error{{end}}">
<label for="description">{{$.i18n.Tr "org.org_desc"}}</label>
diff --git a/templates/org/team/members.tmpl b/templates/org/team/members.tmpl
index 091c939e6a..c9240beb2b 100644
--- a/templates/org/team/members.tmpl
+++ b/templates/org/team/members.tmpl
@@ -17,7 +17,7 @@
{{end}}
<a href="{{.HomeLink}}">
<img class="ui avatar image" src="{{.RelAvatarLink}}">
- {{.DisplayName | Str2html}}
+ {{.DisplayName}}
</a>
</div>
{{end}}