Commit 6104942438c14ec7bd21c6cd5bd995272b3faff6
1 parent
ae1d9fb4
Exists in
master
and in
4 other branches
Sanitize for network graph
Showing
1 changed file
with
3 additions
and
1 deletions
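--- a/lib/gitlab/graph_commit.rb
+++ b/lib/gitlab/graph_commit.rb
@@ -5,6 +5,8 @@ module Gitlab
 attr_accessor :time, :space
 attr_accessor :refs
 
+include ActionView::Helpers::SanitizeHelper
+
 def self.to_graph(project)
 @repo = project.repo
 commits = Grit::Commit.find_all(@repo, nil, {max_count: 650})
@@ -164,7 +166,7 @@ module Gitlab
 h[:refs] = refs.collect{|r|r.name}.join(" ") unless refs.nil?
 h[:id] = sha
 h[:date] = date
-h[:message] = Gitlab::Encode.utf8(message)
+h[:message] = sanitize(Gitlab::Encode.utf8(message))
 h[:login] = author.email
 h
 end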
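Review bot: The hash built in the second hunk still carries `h[:refs]` and `h[:login]` unsanitized, although ref names and the author e-mail come from the repository just as the commit message does. If the network graph inserts these fields into HTML the same way as the message (not visible here), they need the same treatment, e.g. `h[:login] = sanitize(author.email)` and `h[:refs] = sanitize(refs.collect{|r|r.name}.join(" ")) unless refs.nil?`. Note also that `sanitize` keeps an allow-list of HTML tags rather than escaping, so permitted markup such as links in a commit message would still be rendered; if the message is meant to be shown as plain text, `ERB::Util.html_escape` here or escaping at the render site is the tighter choice. The method containing these lines starts above the hunk, so any other fields it sets could not be checked.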