diff options
author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2017-01-17 11:59:14 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-01-17 11:59:14 +0100 |
commit | 9123cb3053a1e5e8730e44a2723cd61bb9b08512 (patch) | |
tree | 0eb9a92112c2e5913015abf01ff4e0b9e14c6d85 /src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig | |
parent | 96e2827605ab459bfc61ff96438eab8285d2a0c7 (diff) | |
parent | 3d9950792c0aef20643ce1c5f81670e1f7194af9 (diff) | |
download | wallabag-9123cb3053a1e5e8730e44a2723cd61bb9b08512.tar.gz wallabag-9123cb3053a1e5e8730e44a2723cd61bb9b08512.tar.zst wallabag-9123cb3053a1e5e8730e44a2723cd61bb9b08512.zip |
Merge pull request #2758 from wallabag/fix-public-sharing
Fixed possible JS injection via the title edition
Diffstat (limited to 'src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig')
-rw-r--r-- | src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig b/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig index 288bb54f..7103f22b 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/common/Entry/entries.xml.twig | |||
@@ -10,7 +10,7 @@ | |||
10 | {% for entry in entries %} | 10 | {% for entry in entries %} |
11 | 11 | ||
12 | <item> | 12 | <item> |
13 | <title><![CDATA[{{ entry.title }}]]></title> | 13 | <title><![CDATA[{{ entry.title|e }}]]></title> |
14 | <source url="{{ url('view', { 'id': entry.id }) }}">wallabag</source> | 14 | <source url="{{ url('view', { 'id': entry.id }) }}">wallabag</source> |
15 | <link>{{ entry.url }}</link> | 15 | <link>{{ entry.url }}</link> |
16 | <guid>{{ entry.url }}</guid> | 16 | <guid>{{ entry.url }}</guid> |