diff options
author | Nicolas Lœuillet <nicolas@loeuillet.org> | 2017-01-17 10:09:04 +0100 |
---|---|---|
committer | Nicolas Lœuillet <nicolas@loeuillet.org> | 2017-01-17 10:09:04 +0100 |
commit | 3d9950792c0aef20643ce1c5f81670e1f7194af9 (patch) | |
tree | 0eb9a92112c2e5913015abf01ff4e0b9e14c6d85 /src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig | |
parent | 96e2827605ab459bfc61ff96438eab8285d2a0c7 (diff) | |
download | wallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.tar.gz wallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.tar.zst wallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.zip |
Fixed possible JS injection via the title edition
Diffstat (limited to 'src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig')
-rw-r--r-- | src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig index 19a400b4..ed916e79 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Entry/_card_no_preview.html.twig | |||
@@ -2,8 +2,8 @@ | |||
2 | <div class="card-body"> | 2 | <div class="card-body"> |
3 | <div class="card-content"> | 3 | <div class="card-content"> |
4 | <span class="card-title dot-ellipsis dot-resize-update"> | 4 | <span class="card-title dot-ellipsis dot-resize-update"> |
5 | <a href="{{ path('view', { 'id': entry.id }) }}" title="{{ entry.title | raw | striptags }}"> | 5 | <a href="{{ path('view', { 'id': entry.id }) }}" title="{{ entry.title | e | raw | striptags }}"> |
6 | {{ entry.title | raw | striptags | truncate(80, true, '…') }} | 6 | {{ entry.title | e | raw | striptags | truncate(80, true, '…') }} |
7 | </a> | 7 | </a> |
8 | </span> | 8 | </span> |
9 | 9 | ||