domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Use "Safe" modifier for manually constructed safe HTML strings in templates (#29227)

Browse source 
Follow #29165. These HTML strings are safe to be rendered directly, to
avoid double-escaping.

(cherry picked from commit a784ed3d6c6946fd9bf95f2e910f52f549326fe2)
This commit is contained in:
wxiaoguang 2024-02-18 09:48:59 +08:00 committed by Earl Warren
parent ca46f7f7e0
commit bdf470785d
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
12 changed files with 15 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
templates/repo/settings/webhook/settings.tmpl
View file

@ -263,7 +263,7 @@
<label for="authorization_header">{{ctx.Locale.Tr "repo.settings.authorization_header"}}</label>
<input id="authorization_header" name="authorization_header" type="text" value="{{.Webhook.HeaderAuthorization}}"{{if eq .HookType "matrix"}} placeholder="Bearer $access_token" required{{end}}>
{{if ne .HookType "matrix"}}{{/* Matrix doesn't make the authorization optional but it is implied by the help string, should be changed.*/}}
<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" "<code>Bearer token123456</code>, <code>Basic YWxhZGRpbjpvcGVuc2VzYW1l</code>" | Str2html}}</span>
<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" ("<code>Bearer token123456</code>, <code>Basic YWxhZGRpbjpvcGVuc2VzYW1l</code>" | Safe)}}</span>
{{end}}
</div>