tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-08-11 03:58:20 +00:00
Code Releases Activity

Security: fix XSS attack on milestone (#976)

Browse Source 
Reported by Miguel Ángel Jimeno.
This commit is contained in:
Lunny Xiao
2017-02-19 19:09:59 +08:00
committed by GitHub
parent dbe6d2ff8e
commit 6076c95dd1
3 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/repo/issue/milestones.tmpl
View File

@@ -43,7 +43,7 @@
<div class="milestone list">
{{range .Milestones}}
<li class="item">
<i class="octicon octicon-milestone"></i> <a href="{{$.RepoLink}}/issues?state={{$.State}}&milestone={{.ID}}">{{.Name}}</a>
<i class="octicon octicon-milestone"></i> <a href="{{$.RepoLink}}/issues?state={{$.State}}&milestone={{.ID}}">{{.Name | Sanitize}}</a>
<div class="ui right green progress" data-percent="{{.Completeness}}">
<div class="bar" {{if not .Completeness}}style="background-color: transparent"{{end}}>
<div class="progress"></div>