From 0d66b1cc1c8c44c041f5274f967535d62bd371e1 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Fri, 28 Sep 2018 23:56:45 -0400 Subject: pkg/context: apply EscapePound at context level Always escape template variable {{.Link}} variable and redirect calls. Relates to #5442 --- templates/repo/issue/new_form.tmpl | 2 +- templates/repo/settings/protected_branch.tmpl | 4 ++-- templates/repo/wiki/new.tmpl | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'templates/repo') diff --git a/templates/repo/issue/new_form.tmpl b/templates/repo/issue/new_form.tmpl index d3f9f710..c2f215e2 100644 --- a/templates/repo/issue/new_form.tmpl +++ b/templates/repo/issue/new_form.tmpl @@ -1,4 +1,4 @@ -
+ {{.CSRFTokenHTML}} {{if .Flash}}
diff --git a/templates/repo/settings/protected_branch.tmpl b/templates/repo/settings/protected_branch.tmpl index 10495718..e9367fe0 100644 --- a/templates/repo/settings/protected_branch.tmpl +++ b/templates/repo/settings/protected_branch.tmpl @@ -11,7 +11,7 @@

{{.i18n.Tr "repo.settings.branch_protection_desc" .Branch.Name | Str2html}}

- + {{.CSRFTokenHTML}}
@@ -83,4 +83,4 @@
-{{template "base/footer" .}} \ No newline at end of file +{{template "base/footer" .}} diff --git a/templates/repo/wiki/new.tmpl b/templates/repo/wiki/new.tmpl index 74069758..13ba3b9f 100644 --- a/templates/repo/wiki/new.tmpl +++ b/templates/repo/wiki/new.tmpl @@ -11,7 +11,7 @@
{{end}} - + {{.CSRFTokenHTML}}
-- cgit v1.2.3