forked from gitea/gitea
fix: remove `str2html` from org full name (#1360)
* fix: remove str2html for security issue. * fix: update
This commit is contained in:
parent
e7493e953f
commit
0cee52e0d3
|
@ -4,7 +4,7 @@
|
||||||
<div class="column">
|
<div class="column">
|
||||||
<div class="ui header">
|
<div class="ui header">
|
||||||
<img class="ui image" src="{{.RelAvatarLink}}?s=100">
|
<img class="ui image" src="{{.RelAvatarLink}}?s=100">
|
||||||
<span class="text thin grey"><a href="{{.HomeLink}}">{{.DisplayName | Str2html}}</a></span>
|
<span class="text thin grey"><a href="{{.HomeLink}}">{{.DisplayName}}</a></span>
|
||||||
|
|
||||||
<div class="ui right">
|
<div class="ui right">
|
||||||
<div class="ui menu">
|
<div class="ui menu">
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
<img class="ui left" id="org-avatar" src="{{.Org.RelAvatarLink}}?s=140"/>
|
<img class="ui left" id="org-avatar" src="{{.Org.RelAvatarLink}}?s=140"/>
|
||||||
<div id="org-info">
|
<div id="org-info">
|
||||||
<div class="ui header">
|
<div class="ui header">
|
||||||
{{.Org.DisplayName | Str2html}}
|
{{.Org.DisplayName}}
|
||||||
{{if .IsOrganizationOwner}}<a class="text grey" href="{{.OrgLink}}/settings"><span class="octicon octicon-gear"></span></a>{{end}}
|
{{if .IsOrganizationOwner}}<a class="text grey" href="{{.OrgLink}}/settings"><span class="octicon octicon-gear"></span></a>{{end}}
|
||||||
</div>
|
</div>
|
||||||
{{if .Org.Description}}<p class="desc">{{.Org.Description}}</p>{{end}}
|
{{if .Org.Description}}<p class="desc">{{.Org.Description}}</p>{{end}}
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
<div class="ui container">
|
<div class="ui container">
|
||||||
<div id="invite-box">
|
<div id="invite-box">
|
||||||
{{template "base/alert" .}}
|
{{template "base/alert" .}}
|
||||||
<h2>{{.i18n.Tr "org.members.invite_desc" .Org.DisplayName | Str2html}}</h2>
|
<h2>{{.i18n.Tr "org.members.invite_desc" .Org.DisplayName}}</h2>
|
||||||
<form class="ui form" action="{{.Link}}" method="post">
|
<form class="ui form" action="{{.Link}}" method="post">
|
||||||
{{.CsrfTokenHtml}}
|
{{.CsrfTokenHtml}}
|
||||||
<div class="inline field ui left">
|
<div class="inline field ui left">
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="field {{if .Err_FullName}}error{{end}}">
|
<div class="field {{if .Err_FullName}}error{{end}}">
|
||||||
<label for="full_name">{{.i18n.Tr "org.org_full_name_holder"}}</label>
|
<label for="full_name">{{.i18n.Tr "org.org_full_name_holder"}}</label>
|
||||||
<input id="full_name" name="full_name" value="{{.Org.FullName | Str2html}}">
|
<input id="full_name" name="full_name" value="{{.Org.FullName}}">
|
||||||
</div>
|
</div>
|
||||||
<div class="field {{if .Err_Description}}error{{end}}">
|
<div class="field {{if .Err_Description}}error{{end}}">
|
||||||
<label for="description">{{$.i18n.Tr "org.org_desc"}}</label>
|
<label for="description">{{$.i18n.Tr "org.org_desc"}}</label>
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
{{end}}
|
{{end}}
|
||||||
<a href="{{.HomeLink}}">
|
<a href="{{.HomeLink}}">
|
||||||
<img class="ui avatar image" src="{{.RelAvatarLink}}">
|
<img class="ui avatar image" src="{{.RelAvatarLink}}">
|
||||||
{{.DisplayName | Str2html}}
|
{{.DisplayName}}
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
{{end}}
|
{{end}}
|
||||||
|
|
Loading…
Reference in New Issue