Commit a216ea5a authored by Jacob Schatz's avatar Jacob Schatz

Merge branch 'issue_15434' into 'master'

Fixes XSS injection

REF: https://gitlab.com/gitlab-org/gitlab-ce/issues/15434

**Without the fix**

![xss1](/uploads/0a7b0b15fb87066965a7c73f1dbaa815/xss1.gif)


**With the fix**

![xss2](/uploads/473cfa0aa80656f24c58aebf1fd97fff/xss2.gif)


See merge request !1952
parents 7ded28ff fd5b1587
class @CommitsList
@timer = null
@init: (ref, limit) ->
@init: (limit) ->
$("body").on "click", ".day-commits-table li.commit", (event) ->
if event.target.nodeName != "A"
location.href = $(this).attr("url")
......
......@@ -39,4 +39,4 @@
= spinner
:javascript
CommitsList.init("#{@ref}", #{@limit});
CommitsList.init(#{@limit});
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment