diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-10 11:09:00 +0300 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-10 11:09:00 +0300 |
| commit | 53a8d50b2b1db9addf0f5fbcfa56db0fcc811073 (patch) | |
| tree | 6885b670205be70cc0774fb17660e31c20946b97 /app/views/projects/commits/_commit.html.haml | |
| parent | 4fb5a39dc04822f1cfac1090a431e51fb43e7a07 (diff) | |
| download | gitlab-ce-53a8d50b2b1db9addf0f5fbcfa56db0fcc811073.tar.gz | |
Prevent html injection on commits page by commit message
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'app/views/projects/commits/_commit.html.haml')
| -rw-r--r-- | app/views/projects/commits/_commit.html.haml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/views/projects/commits/_commit.html.haml b/app/views/projects/commits/_commit.html.haml index 5adb6b9e3b1..abe0d4cff46 100644 --- a/app/views/projects/commits/_commit.html.haml +++ b/app/views/projects/commits/_commit.html.haml @@ -22,7 +22,8 @@ - if commit.description? .commit-row-description.js-toggle-content - = simple_format(commit.description) + %pre + = commit.description .commit-row-info = commit_author_link(commit, avatar: true, size: 16) |