fileboard: fix possible XSS (mainly applicable to 8chan)
This commit is contained in:
parent
b5370fd3e5
commit
271dcb7a65
@ -98,7 +98,7 @@
|
||||
<td>
|
||||
<select name="tag">
|
||||
{% for id, tag in config.allowed_tags %}
|
||||
<option value="{{ id }}">{{ tag }}</option>
|
||||
<option value="{{ id|e }}">{{ tag|e }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</td>
|
||||
|
@ -9,7 +9,7 @@
|
||||
<td>{% include 'post/name.html' %}
|
||||
{% include 'post/flag.html' %}
|
||||
<td>[<a href="{{ config.uri_img }}{{ post.files[0].file }}">{{ post.files[0].filename|e|bidi_cleanup }}</a>]
|
||||
<td>{% if post.modifiers['tag'] %}[{{ post.modifiers['tag'] }}]{% endif %}
|
||||
<td>{% if post.modifiers['tag'] %}[{{ post.modifiers['tag']|e }}]{% endif %}
|
||||
<td>{% include 'post/subject.html' %}
|
||||
{% if post.sticky %}
|
||||
{% if config.font_awesome %}
|
||||
|
Loading…
Reference in New Issue
Block a user