mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 22:53:56 +08:00
6e9bb84d12
If a theme name contained a double-quote, this problem could lead to invalid/unexpected HTML in the `<head>` Note that this is not considered a security issue because themes can only be installed/named by administrators, and themes/administrators already have the ability to run arbitrary javascript. |
||
---|---|---|
.. | ||
compiler_spec.rb | ||
importer_spec.rb | ||
manager_spec.rb |