diff options
Diffstat (limited to 'routers/user/oauth.go')
| -rw-r--r-- | routers/user/oauth.go | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/routers/user/oauth.go b/routers/user/oauth.go index a9e089b39f..12665e94db 100644 --- a/routers/user/oauth.go +++ b/routers/user/oauth.go @@ -7,6 +7,7 @@ package user import ( "encoding/base64" "fmt" + "html" "net/url" "strings" @@ -271,8 +272,8 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) { ctx.Data["Application"] = app ctx.Data["RedirectURI"] = form.RedirectURI ctx.Data["State"] = form.State - ctx.Data["ApplicationUserLink"] = "<a href=\"" + setting.AppURL + app.User.LowerName + "\">@" + app.User.Name + "</a>" - ctx.Data["ApplicationRedirectDomainHTML"] = "<strong>" + form.RedirectURI + "</strong>" + ctx.Data["ApplicationUserLink"] = "<a href=\"" + html.EscapeString(setting.AppURL) + html.EscapeString(url.PathEscape(app.User.LowerName)) + "\">@" + html.EscapeString(app.User.Name) + "</a>" + ctx.Data["ApplicationRedirectDomainHTML"] = "<strong>" + html.EscapeString(form.RedirectURI) + "</strong>" // TODO document SESSION <=> FORM err = ctx.Session.Set("client_id", app.ClientID) if err != nil { |