Martchus
/
PKGBUILDs
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
PKGBUILDs/gogs/default/0004-SECURITY-fix-branch-na...

42 lines
2.0 KiB
Diff
Raw Blame History

From 3025fe70a794d70e3422784401f9ad04d0d71032 Mon Sep 17 00:00:00 2001
From: Unknwon <u@gogs.io>
Date: Sun, 15 Oct 2017 00:07:46 -0400
Subject: [PATCH 4/4] SECURITY: fix branch name persistent XSS
Reported by Carl Hattenfels.
---
templates/repo/editor/commit_form.tmpl | 3 ++-
templates/repo/issue/view_title.tmpl | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/templates/repo/editor/commit_form.tmpl b/templates/repo/editor/commit_form.tmpl
index 6aee9f1d1..6ee6300ff 100644
--- a/templates/repo/editor/commit_form.tmpl
+++ b/templates/repo/editor/commit_form.tmpl
@@ -14,7 +14,8 @@
<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" {{if eq .commit_choice "direct"}}checked{{end}}>
<label>
<i class="octicon octicon-git-commit" height="16" width="14"></i>
- {{.i18n.Tr "repo.editor.commit_directly_to_this_branch" .BranchName | Safe}}
+ {{$branchName := .BranchName | Str2html}}
+ {{.i18n.Tr "repo.editor.commit_directly_to_this_branch" $branchName | Safe}}
</label>
</div>
</div>
diff --git a/templates/repo/issue/view_title.tmpl b/templates/repo/issue/view_title.tmpl
index 3f3b62e65..4650ba4c8 100644
--- a/templates/repo/issue/view_title.tmpl
+++ b/templates/repo/issue/view_title.tmpl
@@ -28,7 +28,7 @@
{{if .Issue.PullRequest.HasMerged}}
{{ $mergedStr:= TimeSince .Issue.PullRequest.Merged $.Lang }}
<a {{if gt .Issue.PullRequest.Merger.ID 0}}href="{{.Issue.PullRequest.Merger.HomeLink}}"{{end}}>{{.Issue.PullRequest.Merger.Name}}</a>
- <span class="pull-desc">{{$.i18n.Tr "repo.pulls.merged_title_desc" .NumCommits .HeadTarget .BaseTarget $mergedStr | Safe}}</span>
+ <span class="pull-desc">{{$.i18n.Tr "repo.pulls.merged_title_desc" .NumCommits .HeadTarget .BaseTarget $mergedStr | Str2html}}</span>
{{else}}
<a {{if gt .Issue.Poster.ID 0}}href="{{.Issue.Poster.HomeLink}}"{{end}}>{{.Issue.Poster.Name}}</a>
<span class="pull-desc">{{$.i18n.Tr "repo.pulls.title_desc" .NumCommits .HeadTarget .BaseTarget | Str2html}}</span>
--
2.15.0
Reference in New Issue View Git Blame Copy Permalink