1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-22 08:42:32 -05:00

Merge pull request '[v8.0/forgejo] replace v-html with v-text in branch search inputbox for XSS protection' (#5247) from bp-v8.0/forgejo-bb8796b into v8.0/forgejo

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5247
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
Earl Warren 2024-09-06 11:58:45 +00:00
commit 71658e2953

View file

@ -289,13 +289,11 @@ export default sfc; // activate IDE's Vue plugin
<a href="#" @click="createNewBranch()"> <a href="#" @click="createNewBranch()">
<div v-show="shouldCreateTag"> <div v-show="shouldCreateTag">
<i class="reference tags icon"/> <i class="reference tags icon"/>
<!-- eslint-disable-next-line vue/no-v-html --> <span v-text="textCreateTag.replace('%s', searchTerm)"/>
<span v-html="textCreateTag.replace('%s', searchTerm)"/>
</div> </div>
<div v-show="!shouldCreateTag"> <div v-show="!shouldCreateTag">
<svg-icon name="octicon-git-branch"/> <svg-icon name="octicon-git-branch"/>
<!-- eslint-disable-next-line vue/no-v-html --> <span v-text="textCreateBranch.replace('%s', searchTerm)"/>
<span v-html="textCreateBranch.replace('%s', searchTerm)"/>
</div> </div>
<div class="text small"> <div class="text small">
<span v-if="isViewBranch || release">{{ textCreateBranchFrom.replace('%s', branchName) }}</span> <span v-if="isViewBranch || release">{{ textCreateBranchFrom.replace('%s', branchName) }}</span>