author | Robert Speicher <rspeicher@gmail.com> | 2016-04-19 11:22:19 -0400 |
committer | Robert Speicher <rspeicher@gmail.com> | 2016-04-19 11:25:38 -0400 |
commit | 6daf9677199779532947ae2667007809e817a627 (patch) | |
tree | 80a0ae868acb6d1ed4c6d851dabaab624c676e4c | |
parent | ba0f3b6e9164dcce62a2eb52a553e2f2def2cd9b (diff) | |
download | gitlab-ce-6daf9677199779532947ae2667007809e817a627.tar.gz |
Remove persistent XSS vulnerability in `commit_person_link` helper
See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/1948
-rw-r--r-- | CHANGELOG | 3 | ||||
-rw-r--r-- | app/helpers/commits_helper.rb | 2 | ||||
-rw-r--r-- | app/helpers/projects_helper.rb | 2 |
3 files changed, 5 insertions, 2 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 0d53ffea831..974143f9fde 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 Please view this file on the master branch, on stable branches it's out of date.
+v 8.4.9
+  - Remove persistent XSS vulnerability in `commit_person_link` helper
+
 v 8.4.8
   - Fix a 2FA authentication spoofing vulnerability.
diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb
index d26f007c8e6..f5211cfda3b 100644
--- a/app/helpers/commits_helper.rb
+++ b/app/helpers/commits_helper.rb
@@ -152,7 +152,7 @@ module CommitsHelper
     options = {
       class: "commit-#{options[:source]}-link has_tooltip",
-      data: { :'original-title' => sanitize(source_email) }
+      title: source_email
     }
     if user.nil?
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 6bcff3aad14..ee1ed4926ab 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -40,7 +40,7 @@ module ProjectsHelper
       link_to(author_html, user_path(author), class: "author_link").html_safe
     else
       title = opts[:title].sub(":name", sanitize(author.name))
-      link_to(author_html, user_path(author), class: "author_link has_tooltip", data: { :'original-title' => title, container: 'body' } ).html_safe
+      link_to(author_html, user_path(author), class: "author_link has_tooltip", title: title, data: { container: 'body' } ).html_safe
     end
   end
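Review bot: The new `title: source_email` line in the commits_helper.rb hunk leaves no record of why `sanitize` was dropped and why the value moved out of `data-original-title`, so a later maintainer could reasonably "harden" it back into the vulnerable form. I would add a comment above the `options = {` hash: `# Plain title attribute on purpose: link_to escapes it, whereas the tooltip code appears to treat data-original-title as markup, which sanitize alone does not make safe.` The safety of the new line depends on the tooltip initialisation reading `title` as text rather than HTML, which this hunk cannot show; a helper spec rendering the link for an address containing `<` and `"` and asserting the escaped attribute would pin the fix against regressions. The enclosing method (commit_person_link, going by the commit title) starts before the hunk.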
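Review bot: The projects_helper.rb hunk is inconsistent with the commits_helper.rb change: there `sanitize` was removed because `link_to` already attribute-escapes `title`, but here the unchanged line `title = opts[:title].sub(":name", sanitize(author.name))` still sanitises the name before it is escaped as an attribute, so any tag the sanitizer whitelists (a `<b>` in a display name, say) is shown literally in the tooltip and the call adds nothing the escaping does not already cover. I would either pass the raw name, `title = opts[:title].sub(":name", author.name)`, or keep the call and add `# sanitize is defence in depth only; tag_options escapes the title attribute` so the two helpers document the same rationale. As in the other hunk, this assumes the tooltip JavaScript renders `title` as text; if it does not, that assumption belongs in the comment. The enclosing method starts before the hunk and closes on its last line.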