Sanitize milestones and label titlesissue_15394

author: Felipe Artur <felipefac@gmail.com> 2016-05-04 18:21:57 -0300
committer: Felipe Artur <felipefac@gmail.com> 2016-05-05 16:37:49 -0300
commit: d028863eda8b97f6e4db129ef57f0d3a2130c9b3 (patch)
tree: 010e2d279ef301b4fa301815c9878983ffb240cf /app/models/milestone.rb
parent: fad7b392dc633fb689e657af8b7fad346ede416e (diff)
download: gitlab-ce-d028863eda8b97f6e4db129ef57f0d3a2130c9b3.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/app/models/milestone.rb b/app/models/milestone.rb
index 986184dd301..ed81791c69c 100644
--- a/app/models/milestone.rb
+++ b/app/models/milestone.rb
@@ -129,6 +129,11 @@ class Milestone < ActiveRecord::Base
     nil
   end
 
+  def title= value
+    value = Sanitize.clean(value.to_s) if value
+    write_attribute(:title, value)
+  end
+
   # Sorts the issues for the given IDs.
   #
   # This method runs a single SQL query using a CASE statement to update the
author	Felipe Artur <felipefac@gmail.com>	2016-05-04 18:21:57 -0300
committer	Felipe Artur <felipefac@gmail.com>	2016-05-05 16:37:49 -0300
commit	d028863eda8b97f6e4db129ef57f0d3a2130c9b3 (patch)
tree	010e2d279ef301b4fa301815c9878983ffb240cf /app/models/milestone.rb
parent	fad7b392dc633fb689e657af8b7fad346ede416e (diff)
download	gitlab-ce-d028863eda8b97f6e4db129ef57f0d3a2130c9b3.tar.gz