Skip to content

Commit

Permalink
XWIKI-20614: Sanitize template URLs
Browse files Browse the repository at this point in the history
  • Loading branch information
@surli
surli committed Feb 3, 2023
1 parent a15e782 commit 8f5a889
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions ...ki-platform-appwithinminutes-ui/src/main/resources/AppWithinMinutes/DeleteApplication.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,9 @@
'form_token': $services.csrf.token
})
#if ("$!request.xredirect" != '')
#set ($cancelURL = $request.xredirect)
#set ($confirmParams.xredirect = $cancelURL)
#getSanitizedURLAttributeValue('a','href',$request.xredirect,$doc.getURL(),$cancelURL)
## We don't sanitize those parameters as the sanitation will be handled server side.
#set ($confirmParams.xredirect = $request.xredirect)
#end
#set ($confirmURL = $doc.getURL($xcontext.action, $escapetool.url($confirmParams)))
{{html}}
Expand Down

0 comments on commit 8f5a889

Please # to comment.