Stop sanitizing full name in API (#17396) - gitea.git - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

diff options

author	zeripath <art27@cantab.net>	2021-10-22 08:17:35 +0100
committer	GitHub <noreply@github.com>	2021-10-22 15:17:35 +0800
commit	af96286f2254c1e073394aae0f18b132f07b38ad (patch)
tree	bab12c7bc5537ea614e2fca5dee98f28e95fd18a /services
parent	23d36929bc098e452ccdd6e9188302304dde980e (diff)
download	gitea-af96286f2254c1e073394aae0f18b132f07b38ad.tar.gz gitea-af96286f2254c1e073394aae0f18b132f07b38ad.zip

Stop sanitizing full name in API (#17396)

The API convert.toUser function makes the incorrect assumption that full names could be rendered as is without being escaped. It therefore runs the names through markup.Sanitize which leads to a double escape of user full names. This pr stops this. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Diffstat (limited to 'services')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: