Add filter param sanitizationgeorgekoltsov/51260-add-filtering-to-bitbucket-server-import

author: George Koltsov <gkoltsov@gitlab.com> 2019-08-06 17:18:53 +0100
committer: George Koltsov <gkoltsov@gitlab.com> 2019-08-12 11:16:52 +0100
commit: 485b8b86edaeed1ba3a8bf55df23ca6cbc1f015b (patch)
tree: dee1f2eb6e62c3d8fdbdc3a81c1213a32154cb70 /app/views/import
parent: 94e1404c4b138ede19611a46a5736764a61cdab7 (diff)
download: gitlab-ce-485b8b86edaeed1ba3a8bf55df23ca6cbc1f015b.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/import/bitbucket_server/status.html.haml b/app/views/import/bitbucket_server/status.html.haml
index 1218462577a..aac09801d91 100644
--- a/app/views/import/bitbucket_server/status.html.haml
+++ b/app/views/import/bitbucket_server/status.html.haml
@@ -23,7 +23,7 @@
 
 .input-btn-group.float-right
   = form_tag status_import_bitbucket_server_path, :method => 'get' do
-    = text_field_tag :filter, params[:filter], class: 'form-control append-bottom-10', placeholder: _('Filter your projects by name'), size: 40, autoFocus: true
+    = text_field_tag :filter, sanitize(params[:filter]), class: 'form-control append-bottom-10', placeholder: _('Filter your projects by name'), size: 40, autoFocus: true
 
 .table-responsive.prepend-top-10
   %table.table.import-jobs
author	George Koltsov <gkoltsov@gitlab.com>	2019-08-06 17:18:53 +0100
committer	George Koltsov <gkoltsov@gitlab.com>	2019-08-12 11:16:52 +0100
commit	485b8b86edaeed1ba3a8bf55df23ca6cbc1f015b (patch)
tree	dee1f2eb6e62c3d8fdbdc3a81c1213a32154cb70 /app/views/import
parent	94e1404c4b138ede19611a46a5736764a61cdab7 (diff)
download	gitlab-ce-485b8b86edaeed1ba3a8bf55df23ca6cbc1f015b.tar.gz