• Paul Slaughter's avatar
    Fix XSS in resolve conflicts form · e6e9c10e
    Paul Slaughter authored
    The issue arose when the branch name contained Vue template
    JavaScript. The fix is to use `v-pre` which disables Vue
    compilation in a template.
    e6e9c10e
user_resolves_conflicts_spec.rb 7.4 KB