ahuston-0/hydra
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

templates: Hopefully escape all template inputs

Browse Source
This commit is contained in:
Janne Heß
2025-08-02 18:20:35 +02:00
committed by ahuston-0
parent 4125de8208
commit 4d2d0f9722
24 changed files with 116 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/root/jobset-channels-tab.tt
View File

@@ -22,7 +22,7 @@
<tbody>
[% FOREACH chan IN channels-%]
<tr>
<th><span><a [% HTML.attributes(href => c.uri_for('/channel/custom' project.name jobset.name chan)) %]>[% chan %]</a></span></th>
<th><span><a [% HTML.attributes(href => c.uri_for('/channel/custom' project.name jobset.name chan)) %]>[% HTML.escape(chan) %]</a></span></th>
[% FOREACH eval IN evalIds %]
<td>[% r = evals.$eval.builds.$chan; IF r.id %]<a [% HTML.attributes(href => c.uri_for('/build' r.id)) %]>[% INCLUDE renderBuildStatusIcon size=16 build=r %]</a>[% END %]</td>
[% END %]