From 6ee52d0085dc90ad26b22974ae6cc6121649116e Mon Sep 17 00:00:00 2001 From: blackst0ne Date: Fri, 11 May 2018 10:09:11 +1100 Subject: [Rails5] Fix app/views/groups/issues.html.haml Fixes the errors like: ``` ActionView::Template::Error: Attempting to generate a URL from non-sanitized request parameters! An attacker can inject malicious data into the generated URL, such as changing the host. Whitelist and sanitize passed parameters to be secure. ``` --- app/views/groups/issues.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/groups/issues.html.haml b/app/views/groups/issues.html.haml index bbfbea4ac7a..662db18cf86 100644 --- a/app/views/groups/issues.html.haml +++ b/app/views/groups/issues.html.haml @@ -8,7 +8,7 @@ .top-area = render 'shared/issuable/nav', type: :issues .nav-controls - = link_to params.merge(rss_url_options), class: 'btn' do + = link_to safe_params.merge(rss_url_options), class: 'btn' do = icon('rss') %span.icon-label Subscribe -- cgit v1.2.1