rpms / perl-Mojolicious

Clone
Source Code
GIT

Files

  1.   864a97192521adddc4a9586d382da4c602e2fc07
  2.   perl-Mojolicious-security-CVE-2011-1841.patch
Blob Blame History Raw 
Only in Mojolicious-0.999925.xss: Changes.orig
Only in Mojolicious-0.999925.xss: Changes.rej
diff -ur Mojolicious-0.999925/lib/Mojolicious/Plugin/TagHelpers.pm Mojolicious-0.999925.xss/lib/Mojolicious/Plugin/TagHelpers.pm
--- Mojolicious-0.999925/lib/Mojolicious/Plugin/TagHelpers.pm	2010-05-25 19:21:45.000000000 +0300
+++ Mojolicious-0.999925.xss/lib/Mojolicious/Plugin/TagHelpers.pm	2011-05-03 20:18:35.768803106 +0300
@@ -73,7 +73,7 @@
             my $captures = ref $_[0] eq 'HASH' ? shift : {};
 
             # Default content
-            push @_, sub { ucfirst $name }
+            push @_, sub { $name = Mojo::ByteStream->new($name)->xml_escape->to_string; ucfirst $name }
               unless defined $_[-1] && ref $_[-1] eq 'CODE';
 
             $self->_tag('a', href => $c->url_for($name, $captures), @_);
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.