kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/views/projects/diffs
History
blackst0ne 350e26b8a6 [Rails5] Use `safe_params` instead of `params` in `url_for` helpers 
This commits replaces `params` with `safe_params` in `url_for` helpers
to resolve security issues [1] and failing specs with the

```
ArgumentError:
  Attempting to generate a URL from non-sanitized request parameters!
  An attacker can inject malicious data into the generated URL, such as
  changing the host. Whitelist and sanitize passed parameters to be secure.
```

error.

[1]: https://gitlab.com/gitlab-org/gitlab-ce/issues/45168
 		2018-04-28 21:35:16 +11:00
..
viewers
_collapsed.html.haml [Rails5] Add `safe_params` helper 2018-04-08 15:35:30 +11:00
_content.html.haml
_diffs.html.haml [Rails5] Use `safe_params` instead of `params` in `url_for` helpers 2018-04-28 21:35:16 +11:00
_file.html.haml refactor code based on feedback 2018-02-23 14:02:40 +01:00
_file_header.html.haml Added LFS to merge request files tracked by LFS 2018-01-10 11:00:33 +00:00
_image_diff_frame.html.haml
_line.html.haml
_parallel_view.html.haml
_render_error.html.haml
_replaced_image_diff.html.haml Use app host instead of asset host when rendering image blob or diff 2017-12-12 09:48:06 +01:00
_single_image_diff.html.haml Use app host instead of asset host when rendering image blob or diff 2017-12-12 09:48:06 +01:00
_stats.html.haml Resolve "GitLab Community Edition 10.5.3 shows plural for 1 item" 2018-03-19 11:53:35 +00:00
_text_file.html.haml
_viewer.html.haml
_warning.html.haml