mirror of
https://github.com/Nheko-Reborn/nheko.git
synced 2024-11-29 06:08:48 +03:00
Merge pull request #722 from Thulinma/noHtmlFixes
Fix two more HTML injection attacks.
This commit is contained in:
commit
e88ab89c18
2 changed files with 3 additions and 3 deletions
|
@ -77,7 +77,7 @@ RoomsModel::data(const QModelIndex &index, int role) const
|
|||
return QString::fromStdString(
|
||||
roomInfos.at(roomids[index.row()]).avatar_url);
|
||||
case Roles::RoomID:
|
||||
return roomids[index.row()];
|
||||
return roomids[index.row()].toHtmlEscaped();
|
||||
}
|
||||
}
|
||||
return {};
|
||||
|
|
|
@ -16,8 +16,8 @@ struct Reaction
|
|||
Q_PROPERTY(int count READ count)
|
||||
|
||||
public:
|
||||
QString key() const { return key_; }
|
||||
QString users() const { return users_; }
|
||||
QString key() const { return key_.toHtmlEscaped(); }
|
||||
QString users() const { return users_.toHtmlEscaped(); }
|
||||
QString selfReactedEvent() const { return selfReactedEvent_; }
|
||||
int count() const { return count_; }
|
||||
|
||||
|
|
Loading…
Reference in a new issue