mirror of
https://github.com/go-gitea/gitea
synced 2025-10-30 10:58:27 +00:00
d8a8961b99
* Sanitize user-input on file name - Sanitize user-input before it get passed into the DOM. - Prevent things like "<iframe onload=alert(1)></iframe>" from being executed. This isn't a XSS attack as the server seems to be santizing the path as well. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
5.8 KiB
5.8 KiB