XSS in username
This commit is contained in:
Unknwon
parent
670ade9a61
commit
63fecac537
1 changed files with 10 additions and 0 deletions
|
|
@ -21,6 +21,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/Unknwon/com"
|
"github.com/Unknwon/com"
|
||||||
|
"github.com/go-xorm/xorm"
|
||||||
"github.com/nfnt/resize"
|
"github.com/nfnt/resize"
|
||||||
|
|
||||||
"github.com/gogits/gogs/modules/avatar"
|
"github.com/gogits/gogs/modules/avatar"
|
||||||
|
|
@ -96,6 +97,15 @@ type User struct {
|
||||||
Members []*User `xorm:"-"`
|
Members []*User `xorm:"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (u *User) AfterSet(colName string, _ xorm.Cell) {
|
||||||
|
switch colName {
|
||||||
|
case "full_name":
|
||||||
|
u.FullName = base.Sanitizer.Sanitize(u.FullName)
|
||||||
|
case "created":
|
||||||
|
u.Created = regulateTimeZone(u.Created)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// EmailAdresses is the list of all email addresses of a user. Can contain the
|
// EmailAdresses is the list of all email addresses of a user. Can contain the
|
||||||
// primary email address, but is not obligatory
|
// primary email address, but is not obligatory
|
||||||
type EmailAddress struct {
|
type EmailAddress struct {
|
||||||
|
|
|
||||||
Reference in a new issue