Commit graph

6 commits

Author SHA1 Message Date
Douwe Maan
4acab552be Merge branch 'fix-escape-commit-block' into 'security-9-5'
[9.5] Prevent a persistent XSS in the commit author block

See merge request gitlab/gitlabhq!2180
2017-09-07 20:22:16 -04:00
Robert Speicher
72a7b30c9f Change all :empty_project to :project 2017-08-02 17:47:31 -04:00
Grzegorz Bizon
0430b76441 Enable Style/DotPosition Rubocop 👮 2017-06-21 13:48:12 +00:00
Douwe Maan
9d7c5e7584 Address feedback 2017-02-06 18:06:46 -06:00
Douwe Maan
3aa1264dc6 Add tests 2017-02-06 16:12:24 -06:00
Robert Speicher
7cc239528e Remove persistent XSS vulnerability in commit_person_link helper
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.

Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
2016-04-17 18:42:49 -04:00