mirror of
https://github.com/go-gitea/gitea.git
synced 2024-09-30 03:26:01 -04:00
Fix possible xss bug
This commit is contained in:
parent
bb8fac8492
commit
8bd1218e8b
@ -607,12 +607,12 @@
|
||||
{{template "shared/user/avatarlink" dict "user" .Poster}}
|
||||
<span class="text grey muted-links">
|
||||
{{template "shared/user/authorlink" .Poster}}
|
||||
{{$newProjectDisplayHtml := .CommentMetaData.ProjectTitle|Safe}}
|
||||
{{$newProjectDisplayHtml := .CommentMetaData.ProjectTitle}}
|
||||
{{if .Project}}
|
||||
{{$trKey := printf "projects.type-%d.display_name" .Project.Type}}
|
||||
{{$newProjectDisplayHtml = printf `%s <a href="%s"><span data-tooltip-content="%s">%s</span></a>` (svg .Project.IconName) (.Project.Link ctx) (ctx.Locale.Tr $trKey | Escape) (.Project.Title | Escape)}}
|
||||
{{end}}
|
||||
{{ctx.Locale.Tr "repo.issues.move_to_column_of_project" (.CommentMetaData.ProjectColumnTitle|Safe) ($newProjectDisplayHtml|Safe) $createdStr}}
|
||||
{{ctx.Locale.Tr "repo.issues.move_to_column_of_project" (.CommentMetaData.ProjectColumnTitle|Escape) ($newProjectDisplayHtml|Safe) $createdStr}}
|
||||
</span>
|
||||
</div>
|
||||
{{end}}
|
||||
|
Loading…
Reference in New Issue
Block a user