diff options
| author | Josh Frye <joshfng@gmail.com> | 2016-01-12 14:15:59 -0500 |
|---|---|---|
| committer | Josh Frye <joshfng@gmail.com> | 2016-01-16 10:49:51 -0500 |
| commit | 2d3655cd1403d354717ee4cb704c35a061e4b561 (patch) | |
| tree | 89d15f067e1edb81e4cba3332a38287376329d00 /app/views/abuse_reports | |
| parent | c70ed7f2cdc0fbecea739a08332529b71325938c (diff) | |
| download | gitlab-ce-2d3655cd1403d354717ee4cb704c35a061e4b561.tar.gz | |
sanitize user supplied input.
Diffstat (limited to 'app/views/abuse_reports')
| -rw-r--r-- | app/views/abuse_reports/new.html.haml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/abuse_reports/new.html.haml b/app/views/abuse_reports/new.html.haml index 8d31182a3e6..f125ecf7be5 100644 --- a/app/views/abuse_reports/new.html.haml +++ b/app/views/abuse_reports/new.html.haml @@ -16,7 +16,7 @@ .form-group = f.label :message, class: 'control-label' .col-sm-10 - = f.text_area :message, class: "form-control js-quick-submit", rows: 2, required: true, value: @ref_url + = f.text_area :message, class: "form-control js-quick-submit", rows: 2, required: true, value: sanitize(@ref_url) .help-block Explain the problem with this user. If appropriate, provide a link to the relevant issue or comment. |