mirror of
https://github.com/go-gitea/gitea.git
synced 2024-12-27 07:56:13 +00:00
XSS in username
This commit is contained in:
parent
670ade9a61
commit
63fecac537
@ -21,6 +21,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/Unknwon/com"
|
||||
"github.com/go-xorm/xorm"
|
||||
"github.com/nfnt/resize"
|
||||
|
||||
"github.com/gogits/gogs/modules/avatar"
|
||||
@ -96,6 +97,15 @@ type User struct {
|
||||
Members []*User `xorm:"-"`
|
||||
}
|
||||
|
||||
func (u *User) AfterSet(colName string, _ xorm.Cell) {
|
||||
switch colName {
|
||||
case "full_name":
|
||||
u.FullName = base.Sanitizer.Sanitize(u.FullName)
|
||||
case "created":
|
||||
u.Created = regulateTimeZone(u.Created)
|
||||
}
|
||||
}
|
||||
|
||||
// EmailAdresses is the list of all email addresses of a user. Can contain the
|
||||
// primary email address, but is not obligatory
|
||||
type EmailAddress struct {
|
||||
|
Loading…
Reference in New Issue
Block a user