mirror of
https://github.com/go-gitea/gitea
synced 2024-12-22 09:17:52 +01:00
d8a8961b99
* Sanitize user-input on file name - Sanitize user-input before it get passed into the DOM. - Prevent things like "<iframe onload=alert(1)></iframe>" from being executed. This isn't a XSS attack as the server seems to be santizing the path as well. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
---|---|---|
.. | ||
fomantic | ||
js | ||
less | ||
svg |