1
0
mirror of https://github.com/go-gitea/gitea synced 2024-12-24 03:35:55 +01:00

XSS in username

This commit is contained in:
Unknwon 2015-09-01 12:19:52 -04:00
parent 670ade9a61
commit 63fecac537

@ -21,6 +21,7 @@ import (
"time"
"github.com/Unknwon/com"
"github.com/go-xorm/xorm"
"github.com/nfnt/resize"
"github.com/gogits/gogs/modules/avatar"
@ -96,6 +97,15 @@ type User struct {
Members []*User `xorm:"-"`
}
func (u *User) AfterSet(colName string, _ xorm.Cell) {
switch colName {
case "full_name":
u.FullName = base.Sanitizer.Sanitize(u.FullName)
case "created":
u.Created = regulateTimeZone(u.Created)
}
}
// EmailAdresses is the list of all email addresses of a user. Can contain the
// primary email address, but is not obligatory
type EmailAddress struct {