Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-24 10:46:10 +01:00
forgejo/modules/markup
zeripath 172229966c
Prevent panic on fuzzer provided string (#14405)
* Prevent panic on fuzzer provided string

The fuzzer has found that providing a <body> tag with an attribute to
PostProcess causes a panic. This PR removes any rendered html or body
tags from the output.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Placate lint

* placate lint again

Signed-off-by: Andrew Thornton <art27@cantab.net>

* minor cleanup

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-01-20 23:10:50 +08:00
..
common Don't replace underscores in auto-generated IDs in goldmark (#12805) 2020-09-12 12:00:48 -04:00
csv Detect delimiter in CSV rendering (#7869) 2019-08-16 01:09:50 +03:00
external Re-attempt to delete temporary upload if the file is locked by another process (#12447) 2020-08-11 21:05:34 +01:00
markdown Markdown task list improvements (#13952) 2020-12-13 09:05:50 +08:00
mdstripper Detect full references to issues and pulls in commit messages (#12399) 2020-08-06 20:20:05 +01:00
orgmode fix: media links in org files not liked to media files (#12997) 2020-10-01 11:22:34 -04:00
html.go Prevent panic on fuzzer provided string (#14405) 2021-01-20 23:10:50 +08:00
html_internal_test.go Issue/PR Context Popups (#9822) 2020-01-19 23:39:21 -05:00
html_test.go Prevent panic on fuzzer provided string (#14405) 2021-01-20 23:10:50 +08:00
markup.go Don't manually replace whitespace during render (#10291) 2020-02-17 07:46:51 +02:00
markup_test.go Prioritize "readme.md" (#5691) 2019-01-14 14:15:06 -05:00
sanitizer.go Markdown task list improvements (#13952) 2020-12-13 09:05:50 +08:00
sanitizer_test.go Markdown task list improvements (#13952) 2020-12-13 09:05:50 +08:00