loading up the forgejo repo on tangled to test page performance
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge pull request 'replace v-html with v-text in branch search inputbox for XSS protection' (#5244) from earl-warren/forgejo:wip-xss into forgejo

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5244
Reviewed-by: Gusted <gusted@noreply.codeberg.org>

+2 -4
+2 -4
web_src/js/components/RepoBranchTagSelector.vue
··· 289 289 <a href="#" @click="createNewBranch()"> 290 290 <div v-show="shouldCreateTag"> 291 291 <i class="reference tags icon"/> 292 - <!-- eslint-disable-next-line vue/no-v-html --> 293 - <span v-html="textCreateTag.replace('%s', searchTerm)"/> 292 + <span v-text="textCreateTag.replace('%s', searchTerm)"/> 294 293 </div> 295 294 <div v-show="!shouldCreateTag"> 296 295 <svg-icon name="octicon-git-branch"/> 297 - <!-- eslint-disable-next-line vue/no-v-html --> 298 - <span v-html="textCreateBranch.replace('%s', searchTerm)"/> 296 + <span v-text="textCreateBranch.replace('%s', searchTerm)"/> 299 297 </div> 300 298 <div class="text small"> 301 299 <span v-if="isViewBranch || release">{{ textCreateBranchFrom.replace('%s', branchName) }}</span>