jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

/users: fix self-xss in favorite tags.

Browse Source
This commit is contained in:
evazion
2017-04-20 20:33:56 -05:00
parent 9718c6e107
commit fce8dcc97d
1 changed files with 1 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/views/users/edit.html.erb
View File

@@ -76,11 +76,7 @@
<%= f.input :enable_recent_searches, :as => :select, :collection => [["No", "false"], ["Yes", "true"]], :include_blank => false %> <%= f.input :enable_recent_searches, :as => :select, :collection => [["No", "false"], ["Yes", "true"]], :include_blank => false %>
<div class="input text optional field_with_hint"> <%= f.input :favorite_tags, :label => "Frequent tags", :hint => "A list of tags that you use often. They will appear when using the list of Related Tags.", :input_html => { :rows => 5 } %>
<label class="text optional" for="user_favorite_tags">Frequent tags</label>
<textarea id="user_favorite_tags" class="text optional" rows="5" name="user[favorite_tags]" cols="40"><%= raw @user.favorite_tags %></textarea>
<span class="hint">A list of tags that you use often. They will appear when using the list of Related Tags.</span>
</div>
<div class="input text optional field_with_hint"> <div class="input text optional field_with_hint">
<label class="text optional" for="user_dmail_filter_attributes_words">Dmail filter</label> <label class="text optional" for="user_dmail_filter_attributes_words">Dmail filter</label>