From 0d66b1cc1c8c44c041f5274f967535d62bd371e1 Mon Sep 17 00:00:00 2001
From: Unknwon <u@gogs.io>
Date: Fri, 28 Sep 2018 23:56:45 -0400
Subject: pkg/context: apply EscapePound at context level

Always escape template variable {{.Link}} variable and  redirect calls.

Relates to #5442
---
 pkg/template/template.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'pkg/template')

diff --git a/pkg/template/template.go b/pkg/template/template.go
index ff9921e7..8a85980a 100644
--- a/pkg/template/template.go
+++ b/pkg/template/template.go
@@ -64,7 +64,7 @@ func NewFuncMap() []template.FuncMap {
 		"AppendAvatarSize": tool.AppendAvatarSize,
 		"Safe":             Safe,
 		"Sanitize":         bluemonday.UGCPolicy().Sanitize,
-		"Str2html":         Str2html,
+		"Str2html":         Str2HTML,
 		"NewLine2br":       NewLine2br,
 		"TimeSince":        tool.TimeSince,
 		"RawTimeSince":     tool.RawTimeSince,
@@ -127,7 +127,7 @@ func Safe(raw string) template.HTML {
 	return template.HTML(raw)
 }
 
-func Str2html(raw string) template.HTML {
+func Str2HTML(raw string) template.HTML {
 	return template.HTML(markup.Sanitize(raw))
 }
 
-- 
cgit v1.2.3