Commit 676a9a7e287655342ac0683dedce0c69a984465e

Authored by Dmitriy Zaporozhets
1 parent 1665a06f

Fix xss vulnerability

Showing 1 changed file with 1 additions and 1 deletions
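--- a/app/views/search/show.html.haml
+++ b/app/views/search/show.html.haml
@@ -88,5 +88,5 @@
 %h4.nothing_here_message No wiki pages
 :javascript
 $(function() {
-$(".search_results .term").highlight("#{params[:search]}");
+$(".search_results .term").highlight("#{escape_javascript(params[:search])}");
 })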
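Review bot: The escaped interpolation on line 91 ships without a regression test, since this commit changes only the view. A request or view spec that searches for a term containing `"`, `\` and `</script>`, and asserts they appear escaped in the rendered script block, would keep the fix from regressing. The escaping is only correct for the double-quoted JavaScript string it sits in, so a Haml comment above the `:javascript` filter would help the next editor, for example `-# params[:search] is user input; pass it through escape_javascript before interpolating it into the script below`. The rest of the template is outside the hunk, so any other place that renders `params[:search]` should be checked for the HTML escaping that matches its context.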