mirror of
https://github.com/discourse/discourse.git
synced 2024-12-16 16:33:44 +08:00
SECURITY: sanitize topic title when staff is viewing a user's past flagged posts and deleted topics
This commit is contained in:
parent
e7f83358aa
commit
e23b8e7905
|
@ -1,3 +1,5 @@
|
||||||
|
import { emojiUnescape } from 'discourse/lib/text';
|
||||||
|
|
||||||
export default function (filter) {
|
export default function (filter) {
|
||||||
return Discourse.Route.extend({
|
return Discourse.Route.extend({
|
||||||
actions: {
|
actions: {
|
||||||
|
@ -20,6 +22,12 @@ export default function (filter) {
|
||||||
// initialize "canLoadMore"
|
// initialize "canLoadMore"
|
||||||
model.set("canLoadMore", model.get("itemsLoaded") === 60);
|
model.set("canLoadMore", model.get("itemsLoaded") === 60);
|
||||||
|
|
||||||
|
model.get('content').forEach((item) => {
|
||||||
|
if (item.get('title')) {
|
||||||
|
item.set('title', emojiUnescape(Handlebars.Utils.escapeExpression(item.title)));
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
this.controllerFor("user-posts").set("model", model);
|
this.controllerFor("user-posts").set("model", model);
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user