
Security: prevent XSS attach on wiki page (#955)

Reported by Miguel Ángel Jimeno.
Lunny Xiao
2017-02-16 17:02:15 +08:00
committed by GitHub
parent ab4eb0daf9
commit 91836614cd
2 changed files with 7 additions and 4 deletions


@@ -15,6 +15,7 @@ import (
"strings"
"time"
"github.com/microcosm-cc/bluemonday"
"golang.org/x/net/html/charset"
"golang.org/x/text/transform"
"gopkg.in/editorconfig/editorconfig-core-go.v1"
@@ -61,6 +62,7 @@ func NewFuncMap() []template.FuncMap {
},
"AvatarLink": base.AvatarLink,
"Safe": Safe,
"Sanitize": bluemonday.UGCPolicy().Sanitize,
"Str2html": Str2html,
"TimeSince": base.TimeSince,
"RawTimeSince": base.RawTimeSince,
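Review bot: The new `"Sanitize"` entry in NewFuncMap has no comment saying which output context its result is safe for, and that decides how templates may use it. `bluemonday.UGCPolicy().Sanitize` returns a plain `string` that still contains the markup the policy allows, so it suits HTML body content only; if this map feeds html/template, the result is also still contextually escaped unless a template converts it to `template.HTML`. I would add a comment above the entry such as `// Sanitize filters user content through bluemonday's UGC policy; the result is a string meant for HTML body context only.` The policy is also built inline here, so if the project keeps its own sanitizer policy elsewhere (not visible in this hunk) the two allow-lists can drift apart, and reusing that one would be safer. NewFuncMap starts and ends outside the hunk.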