mirror of
https://github.com/go-gitea/gitea.git
synced 2024-10-01 03:36:12 -04:00
Fix possible xss bug
This commit is contained in:
parent
bb8fac8492
commit
8bd1218e8b
@ -607,12 +607,12 @@
|
|||||||
{{template "shared/user/avatarlink" dict "user" .Poster}}
|
{{template "shared/user/avatarlink" dict "user" .Poster}}
|
||||||
<span class="text grey muted-links">
|
<span class="text grey muted-links">
|
||||||
{{template "shared/user/authorlink" .Poster}}
|
{{template "shared/user/authorlink" .Poster}}
|
||||||
{{$newProjectDisplayHtml := .CommentMetaData.ProjectTitle|Safe}}
|
{{$newProjectDisplayHtml := .CommentMetaData.ProjectTitle}}
|
||||||
{{if .Project}}
|
{{if .Project}}
|
||||||
{{$trKey := printf "projects.type-%d.display_name" .Project.Type}}
|
{{$trKey := printf "projects.type-%d.display_name" .Project.Type}}
|
||||||
{{$newProjectDisplayHtml = printf `%s <a href="%s"><span data-tooltip-content="%s">%s</span></a>` (svg .Project.IconName) (.Project.Link ctx) (ctx.Locale.Tr $trKey | Escape) (.Project.Title | Escape)}}
|
{{$newProjectDisplayHtml = printf `%s <a href="%s"><span data-tooltip-content="%s">%s</span></a>` (svg .Project.IconName) (.Project.Link ctx) (ctx.Locale.Tr $trKey | Escape) (.Project.Title | Escape)}}
|
||||||
{{end}}
|
{{end}}
|
||||||
{{ctx.Locale.Tr "repo.issues.move_to_column_of_project" (.CommentMetaData.ProjectColumnTitle|Safe) ($newProjectDisplayHtml|Safe) $createdStr}}
|
{{ctx.Locale.Tr "repo.issues.move_to_column_of_project" (.CommentMetaData.ProjectColumnTitle|Escape) ($newProjectDisplayHtml|Safe) $createdStr}}
|
||||||
</span>
|
</span>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
Loading…
Reference in New Issue
Block a user