diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-26 17:39:20 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-26 17:39:20 +0300 |
| commit | 2df40ad22e49d68d217e932515bc780ab7f8096e (patch) | |
| tree | 6d1d097c7d0a38bf2a37c5b2eeda72e65d7d14d5 /app | |
| parent | fc9b097611b0bde6fede8c8f884acd091a464e87 (diff) | |
Add latest changes from gitlab-org/security/gitlab@15-2-stable-ee
Diffstat (limited to 'app')
| -rw-r--r-- | app/assets/javascripts/notebook/cells/output/html.vue | 9 | ||||
| -rw-r--r-- | app/helpers/labels_helper.rb | 2 |
2 files changed, 9 insertions, 2 deletions
diff --git a/app/assets/javascripts/notebook/cells/output/html.vue b/app/assets/javascripts/notebook/cells/output/html.vue index 2d1d8845e41..fdcea300388 100644 --- a/app/assets/javascripts/notebook/cells/output/html.vue +++ b/app/assets/javascripts/notebook/cells/output/html.vue @@ -40,6 +40,13 @@ export default { <template> <div class="output"> <prompt type="Out" :count="count" :show-output="showOutput" /> - <div v-safe-html:[$options.safeHtmlConfig]="rawCode" class="gl-overflow-auto"></div> + <iframe + sandbox + :srcdoc="rawCode" + frameborder="0" + scrolling="no" + width="100%" + class="gl-overflow-auto" + ></iframe> </div> </template> diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb index 877785c9eaf..54d0b45b794 100644 --- a/app/helpers/labels_helper.rb +++ b/app/helpers/labels_helper.rb @@ -247,7 +247,7 @@ module LabelsHelper class="#{css_class}" data-container="body" data-html="true" - #{"style=\"background-color: #{bg_color}\"" if bg_color} + #{"style=\"background-color: #{h bg_color}\"" if bg_color} >#{ERB::Util.html_escape_once(name)}#{suffix}</span> HTML end |