diff options
author | Kushal Pandya <kushalspandya@gmail.com> | 2019-01-15 19:52:26 +0530 |
---|---|---|
committer | Yorick Peterse <yorickpeterse@gmail.com> | 2019-01-31 16:52:48 +0100 |
commit | 08c1989b0dcbf41410cd1bfc0fbfa5d79df2aedf (patch) | |
tree | 61d0166b1f3164eff76aeed258eb3eca609d8267 /app/views/notify/_note_email.text.erb | |
parent | 35b8f103a87811e0a825773aad3e3d04ee85fa9e (diff) | |
download | gitlab-ce-08c1989b0dcbf41410cd1bfc0fbfa5d79df2aedf.tar.gz |
Use `sanitize_name` to sanitize URL in user full name
Diffstat (limited to 'app/views/notify/_note_email.text.erb')
-rw-r--r-- | app/views/notify/_note_email.text.erb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/views/notify/_note_email.text.erb b/app/views/notify/_note_email.text.erb index 50209c46ed1..5a67214059c 100644 --- a/app/views/notify/_note_email.text.erb +++ b/app/views/notify/_note_email.text.erb @@ -3,7 +3,7 @@ <% discussion = note.discussion if note.part_of_discussion? -%> <% if discussion && !discussion.individual_note? -%> -<%= note.author_name -%> +<%= sanitize_name(note.author_name) -%> <% if discussion.new_discussion? -%> <%= " started a new discussion" -%> <% else -%> @@ -16,7 +16,7 @@ <% elsif Gitlab::CurrentSettings.email_author_in_body -%> -<%= "#{note.author_name} commented:" -%> +<%= "#{sanitize_name(note.author_name)} commented:" -%> <% end -%> |