diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-30 15:07:06 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-30 15:07:06 +0300 |
| commit | 7aa22e9a103b049dd2da70045a5822c51164f7db (patch) | |
| tree | f741dded2bd2965e9e9b7ce4c680e2ddaf0aa3d3 /app/assets/javascripts | |
| parent | 5c229c2ebe3304a58afd1d40418410a8c3723ea5 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/assets/javascripts')
4 files changed, 8 insertions, 8 deletions
diff --git a/app/assets/javascripts/awards_handler.js b/app/assets/javascripts/awards_handler.js index 9ab1d6bfd80..1855fb9ed8c 100644 --- a/app/assets/javascripts/awards_handler.js +++ b/app/assets/javascripts/awards_handler.js @@ -2,7 +2,7 @@ import { GlBreakpointInstance as bp } from '@gitlab/ui/dist/utils'; import $ from 'jquery'; -import { uniq } from 'lodash'; +import { uniq, escape } from 'lodash'; import { getEmojiScoreWithIntent } from '~/emoji/utils'; import { getCookie, setCookie, scrollToElement } from '~/lib/utils/common_utils'; import * as Emoji from '~/emoji'; @@ -149,7 +149,7 @@ export class AwardsHandler { let frequentlyUsedCatgegory = ''; if (frequentlyUsedEmojis.length > 0) { frequentlyUsedCatgegory = this.renderCategory('Frequently used', frequentlyUsedEmojis, { - menuListClass: 'frequent-emojis', + frequentEmojis: true, }); } @@ -228,9 +228,9 @@ export class AwardsHandler { renderCategory(name, emojiList, opts = {}) { return ` <h5 class="emoji-menu-title"> - ${name} + ${escape(name)} </h5> - <ul class="clearfix emoji-menu-list ${opts.menuListClass || ''}"> + <ul class="clearfix emoji-menu-list ${opts.frequentEmojis ? 'frequent-emojis' : ''}"> ${emojiList .map( (emojiName) => ` diff --git a/app/assets/javascripts/gfm_auto_complete.js b/app/assets/javascripts/gfm_auto_complete.js index 18647cca0b2..293cd2df16f 100644 --- a/app/assets/javascripts/gfm_auto_complete.js +++ b/app/assets/javascripts/gfm_auto_complete.js @@ -997,7 +997,7 @@ GfmAutoComplete.Issues = { return value.reference || '${atwho-at}${id}'; }, templateFunction({ id, title, reference }) { - return `<li><small>${reference || id}</small> ${escape(title)}</li>`; + return `<li><small>${escape(reference || id)}</small> ${escape(title)}</li>`; }, }; // Milestones diff --git a/app/assets/javascripts/lib/utils/common_utils.js b/app/assets/javascripts/lib/utils/common_utils.js index beced4f9144..9ef8eee2132 100644 --- a/app/assets/javascripts/lib/utils/common_utils.js +++ b/app/assets/javascripts/lib/utils/common_utils.js @@ -4,7 +4,7 @@ import { GlBreakpointInstance as breakpointInstance } from '@gitlab/ui/dist/utils'; import $ from 'jquery'; -import { isFunction, defer } from 'lodash'; +import { isFunction, defer, escape } from 'lodash'; import Cookies from '~/lib/utils/cookies'; import { SCOPED_LABEL_DELIMITER } from '~/vue_shared/components/sidebar/labels_select_widget/constants'; import { convertToCamelCase, convertToSnakeCase } from './text_utility'; @@ -469,7 +469,7 @@ export const backOff = (fn, timeout = 60000) => { export const spriteIcon = (icon, className = '') => { const classAttribute = className.length > 0 ? `class="${className}"` : ''; - return `<svg ${classAttribute}><use xlink:href="${gon.sprite_icons}#${icon}" /></svg>`; + return `<svg ${classAttribute}><use xlink:href="${gon.sprite_icons}#${escape(icon)}" /></svg>`; }; /** diff --git a/app/assets/javascripts/projects/settings/access_dropdown.js b/app/assets/javascripts/projects/settings/access_dropdown.js index 335545c802a..dcf7415a444 100644 --- a/app/assets/javascripts/projects/settings/access_dropdown.js +++ b/app/assets/javascripts/projects/settings/access_dropdown.js @@ -580,7 +580,7 @@ export default class AccessDropdown { return ` <li> <a href="#" class="${isActiveClass} item-${role.type}" data-role-id="${role.id}"> - ${role.text} + ${escape(role.text)} </a> </li> `; |