author | Robert Speicher <rspeicher@gmail.com> | 2016-04-19 11:22:19 -0400 |
committer | Robert Speicher <rspeicher@gmail.com> | 2016-04-19 11:26:02 -0400 |
commit | 5ac95d0f2b70877aea717e25fb3fba8531cf2915 (patch) | |
tree | 80ad707482af06d372fac1d109ade1fa869f2320 | |
parent | c00312909aa369ea8732115190870e0e6c7e2383 (diff) | |
Remove persistent XSS vulnerability in `commit_person_link` helper
See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/1948
-rw-r--r-- | CHANGELOG | 3 | ||||
-rw-r--r-- | app/helpers/commits_helper.rb | 2 | ||||
-rw-r--r-- | app/helpers/projects_helper.rb | 2 |
3 files changed, 5 insertions, 2 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 7b0e5e9ce25..de1c6006fab 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 Please view this file on the master branch, on stable branches it's out of date.
+v 8.3.8
+ - Remove persistent XSS vulnerability in `commit_person_link` helper
+
 v 8.3.7
 - Fix a 2FA authentication spoofing vulnerability.
diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb
index 590d20ac7b3..28bcd621e5f 100644
--- a/app/helpers/commits_helper.rb
+++ b/app/helpers/commits_helper.rb
@@ -152,7 +152,7 @@ module CommitsHelper
 options = {
 class: "commit-#{options[:source]}-link has_tooltip",
- data: { :'original-title' => sanitize(source_email) }
+ title: source_email
 }
 if user.nil?
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 77ba612548a..9da09955c75 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -40,7 +40,7 @@ module ProjectsHelper
 link_to(author_html, user_path(author), class: "author_link").html_safe
 else
 title = opts[:title].sub(":name", sanitize(author.name))
- link_to(author_html, user_path(author), class: "author_link has_tooltip", data: { :'original-title' => title, container: 'body' } ).html_safe
+ link_to(author_html, user_path(author), class: "author_link has_tooltip", title: title, data: { container: 'body' } ).html_safe
 end
 end |
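Review bot: The new `title: source_email` line in the commits_helper hunk is only safe because `source_email` is a plain String that `link_to` HTML-escapes as an attribute value; the removed line was unsafe precisely because `sanitize(...)` returns an html_safe buffer, which the tag helper inserts into the attribute verbatim. That invariant is invisible at the call site, so I would mark it: `# Plain String only: link_to escapes it as an attribute; an html_safe/sanitized value would be emitted raw.` A security fix with no accompanying spec is also easy to regress — a `commit_person_link` example asserting that an email containing `"><img src=x onerror=1>` is rendered escaped would pin this. Note that the attribute escaping protects the markup, not the tooltip: if the `has_tooltip` JS initialises Bootstrap tooltips with `html: true` (not visible here, so unconfirmed), the decoded title would still be injected as HTML, so that option should be checked alongside this change. The enclosing method (`commit_person_link`, per the commit title) starts and ends outside the hunk.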
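Review bot: In the projects_helper hunk the retained `title = opts[:title].sub(":name", sanitize(author.name))` now double-encodes: `sanitize` entity-encodes `&`, `<` and `>` in the name, and the new `title: title` argument is escaped again by `link_to`, so a name like `Smith & Co` reaches the DOM as `Smith &amp; Co` and the tooltip displays the literal entity, while any tags `sanitize` allows through are shown as raw text. Since the attribute escaping now does the protective work, the sanitize call should go: `title = opts[:title].sub(":name", author.name)`. This assumes `opts[:title]` is a plain String (so `String#sub` yields a plain String that `link_to` escapes) — if a caller passes an html_safe buffer, that assumption should be re-checked. The enclosing method starts outside the hunk.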