haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-02 23:48:47 +00:00
Code Issues Releases Wiki Activity

Repair xss bug (#5256)

Browse Source 
* repair upload file with same script name bug

* update repo name xss bug

* fix: transform lib xss bug

* optimize code
This commit is contained in:
杨顺强
2022-09-08 16:42:55 +08:00
committed by GitHub
parent db77c8e8ad
commit 91d1751a57
9 changed files with 71 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
frontend/src/repo-snapshot.js
View File

@@ -9,6 +9,7 @@ import ModalPortal from './components/modal-portal';
import toaster from './components/toast';
import CommonToolbar from './components/toolbar/common-toolbar';
import ConfirmRestoreRepo from './components/dialog/confirm-restore-repo';
import StyledTitle from './components/styled-title';
import './css/toolbar.css';
import './css/search.css';
@@ -139,7 +140,10 @@ class RepoSnapshot extends React.Component {
<div className="flex-auto container-fluid pt-4 pb-6 o-auto">
<div className="row">
<div className="col-md-10 offset-md-1">
<h2 dangerouslySetInnerHTML={{__html: Utils.generateDialogTitle(gettext('{placeholder} Snapshot'), repoName) + ` <span class="heading-commit-time">(${commitTime})</span>`}}></h2>
<h2>
<StyledTitle title={repoName} />{gettext('Snapshot')}{' '}
<span class="heading-commit-time">(${commitTime})</span>
</h2>
<a href="#" className="go-back" title={gettext('Back')} role="button" aria-label={gettext('Back')} onClick={this.goBack}>
<span className="fas fa-chevron-left"></span>
</a>