forgejo/templates/repo/issue/view_content
Gusted ca798e4cc2
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
2024-02-22 15:33:20 +01:00
..
add_reaction.tmpl Improve and fix bugs surrounding reactions (#24760) 2023-05-28 01:34:18 +00:00
attachments.tmpl Always use ctx.Locale.Tr inside templates (#27231) 2023-09-25 08:56:50 +00:00
comments.tmpl [SECURITY] Test XSS in dismissed review 2024-02-22 15:33:20 +01:00
comments_delete_time.tmpl Always use ctx.Locale.Tr inside templates (#27231) 2023-09-25 08:56:50 +00:00
context_menu.tmpl Always use ctx.Locale.Tr inside templates (#27231) 2023-09-25 08:56:50 +00:00
conversation.tmpl [BUG] split code conversations in diff tab (#2306) 2024-02-16 12:16:11 +00:00
pull.tmpl Disallow merge when required checked are missing (#29143) 2024-02-19 22:58:33 +01:00
pull_merge_instruction.tmpl Add merge style fast-forward-only (#28954) 2024-02-14 17:19:19 +01:00
reactions.tmpl Add non-JS fallback for reaction tooltips (#28785) 2024-01-15 09:42:59 +08:00
reference_issue_dialog.tmpl Always use ctx.Locale.Tr inside templates (#27231) 2023-09-25 08:56:50 +00:00
show_role.tmpl Add member, collaborator, contributor, and first-time contributor roles and tooltips (#26658) 2023-08-24 13:06:17 +08:00
sidebar.tmpl Fix can not select team reviewers when reviewers is empty (#29174) 2024-02-17 23:24:30 +01:00
update_branch_by_merge.tmpl Always use ctx.Locale.Tr inside templates (#27231) 2023-09-25 08:56:50 +00:00
watching.tmpl Introduce htmx and use it to avoid full page load on Subscribe and Follow (#28908) 2024-01-30 15:45:54 +01:00