aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-web/src/main/js/apps/groups/users-view.js
diff options
context:
space:
mode:
Diffstat (limited to 'server/sonar-web/src/main/js/apps/groups/users-view.js')
-rw-r--r--server/sonar-web/src/main/js/apps/groups/users-view.js5
1 files changed, 3 insertions, 2 deletions
diff --git a/server/sonar-web/src/main/js/apps/groups/users-view.js b/server/sonar-web/src/main/js/apps/groups/users-view.js
index 558be7d4160..1342c0685ab 100644
--- a/server/sonar-web/src/main/js/apps/groups/users-view.js
+++ b/server/sonar-web/src/main/js/apps/groups/users-view.js
@@ -17,6 +17,7 @@
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+import escapeHtml from 'escape-html';
import Modal from '../../components/common/modals';
import '../../components/SelectList';
import Template from './templates/groups-users.hbs';
@@ -31,8 +32,8 @@ export default Modal.extend({
width: '100%',
readOnly: false,
focusSearch: false,
- format(item) {
- return `${item.name}<br><span class="note">${item.login}</span>`;
+ dangerouslyUnescapedHtmlFormat(item) {
+ return `${escapeHtml(item.name)}<br><span class="note">${escapeHtml(item.login)}</span>`;
},
queryParam: 'q',
searchUrl: window.baseUrl + '/api/user_groups/users?ps=100&id=' + this.model.id,
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-14 08:44:45 +0000