Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/helpers
diff options
context:
space:
mode:
authorPatrick Derichs <pderichs@gitlab.com>2019-08-01 10:18:12 +0300
committerPatrick Derichs <pderichs@gitlab.com>2019-08-05 17:27:37 +0300
commit5bfd913736eb7603630cd7af79adf2214ab50109 (patch)
tree3fd9af7edd518a9ca741c32fd0023882200b71b7 /app/helpers
parent6ccbccc2010dc1197d7b721c76cdb176050e43d8 (diff)
Fix HTML injection for label description
Diffstat (limited to 'app/helpers')
-rw-r--r--app/helpers/labels_helper.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb
index db4f29cd996..bed6eb90209 100644
--- a/app/helpers/labels_helper.rb
+++ b/app/helpers/labels_helper.rb
@@ -72,7 +72,7 @@ module LabelsHelper
end
def label_tooltip_title(label)
- label.description
+ Sanitize.clean(label.description)
end
def suggested_colors
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 18:35:44 +0300