tdsds.com/gitea
tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-06-01 17:05:48 +00:00
Code Releases Activity

Escape the commit message on issues update (#6901) (#6902)

Browse Source
This commit is contained in:
zeripath 2019-05-10 21:19:45 +01:00 committed by GitHub
parent c8fc7fce4a
commit ebb8fa610c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
models/action.go
View File

@ -7,6 +7,7 @@ package models
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"html"
"path" "path"
"regexp" "regexp"
"strconv" "strconv"
@ -532,7 +533,7 @@ func UpdateIssuesCommit(doer *User, repo *Repository, commits []*PushCommit, bra
} }
refMarked[issue.ID] = true refMarked[issue.ID] = true
message := fmt.Sprintf(`<a href="%s/commit/%s">%s</a>`, repo.Link(), c.Sha1, c.Message) message := fmt.Sprintf(`<a href="%s/commit/%s">%s</a>`, repo.Link(), c.Sha1, html.EscapeString(c.Message))
if err = CreateRefComment(doer, repo, issue, message, c.Sha1); err != nil { if err = CreateRefComment(doer, repo, issue, message, c.Sha1); err != nil {
return err return err
} }