diff options
author | Jan Provaznik <jprovaznik@gitlab.com> | 2019-08-16 10:22:57 +0200 |
---|---|---|
committer | Jan Provaznik <jprovaznik@gitlab.com> | 2019-08-23 10:36:51 +0200 |
commit | a98b89e9bcb56b9adc3a4b0bef3e9844bf93bfd0 (patch) | |
tree | 4b7d1487d1bddddd94ae11ede65c14eb63926834 /changelogs | |
parent | 842b4d4ab59f19f7311b7f39948e699a6924fd52 (diff) | |
download | gitlab-ce-a98b89e9bcb56b9adc3a4b0bef3e9844bf93bfd0.tar.gz |
Re-escape whole HTML content instead of only match
When we un-escape HTML text to find references in it, we should then
re-escape the whole text again, not only found matches.
Because we replace matches with milestone/label links (which contain
HTML tags we don't want to escape again), we re-escape HTML text
with placeholders instead of these links and then replace placeholders
in the escaped text.
Diffstat (limited to 'changelogs')
-rw-r--r-- | changelogs/unreleased/security-fix-markdown-xss.yml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-fix-markdown-xss.yml b/changelogs/unreleased/security-fix-markdown-xss.yml new file mode 100644 index 00000000000..7ef19f13fd5 --- /dev/null +++ b/changelogs/unreleased/security-fix-markdown-xss.yml @@ -0,0 +1,5 @@ +--- +title: Make sure HTML text is always escaped when replacing label/milestone references. +merge_request: +author: +type: security |