packages/obs-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
obs-server/0002-CVE-2020-8020.patch
markeryang f10ade10a5 fix CVE-2020-8020 CVE-2020-8021
2021-03-16 15:43:36 +08:00

28 lines
1012 B
Diff
Raw Blame History

From 4d3a644b8a68e625d34a0a1490b539d3bb648001 Mon Sep 17 00:00:00 2001
From: Victor Pereira <vpereira@suse.de>
Date: Wed, 13 May 2020 08:02:52 +0200
Subject: [PATCH] Use Redcarpet Safe render to base OBS markdown render
Conflict:delete src/api/spec/helpers/webui/markdown_helper_spec.rb change
Reference:https://github.com/openSUSE/open-build-service/commit/7cc32c8e2ff7290698e101d9a80a9dc29a5500fb
Signed-off-by: Victor Pereira <vpereira@suse.de>
---
src/api/lib/obsapi/markdown_renderer.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/api/lib/obsapi/markdown_renderer.rb b/src/api/lib/obsapi/markdown_renderer.rb
index bc75e7b..cff936f 100644
--- a/src/api/lib/obsapi/markdown_renderer.rb
+++ b/src/api/lib/obsapi/markdown_renderer.rb
@@ -1,7 +1,7 @@
require 'uri'
module OBSApi
- class MarkdownRenderer < Redcarpet::Render::HTML
+ class MarkdownRenderer < Redcarpet::Render::Safe
include Rails.application.routes.url_helpers
def self.default_url_options
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink