forgejo/models
Gusted b7e6dedafd
[GITEA] Use restricted sanitizer for repository description
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit a8afa4cd18)
(cherry picked from commit 0238587c51)
(cherry picked from commit a8c7bbf728)
(cherry picked from commit 80e05a8245)
(cherry picked from commit f5af5050b3)
(cherry picked from commit 608f981e55)
(cherry picked from commit 6591867502)
2023-10-23 15:35:33 +02:00
..
actions [CLI] implement forgejo-cli 2023-10-23 13:49:07 +02:00
activities Add Index to action.user_id (#27403) (#27425) 2023-10-04 08:53:00 +02:00
admin Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
asymkey Respect SSH.KeygenPath option when calculating ssh key fingerprints (#27536) (#27551) 2023-10-10 07:37:58 +00:00
auth [GITEA] silently ignore obsolete sudo scope 2023-10-23 15:35:32 +02:00
avatars Refactor system setting (#27000) (#27452) 2023-10-05 10:37:59 +00:00
db [GITEA] Add slow SQL query warning 2023-10-23 15:35:32 +02:00
dbfs Fix content holes in Actions task logs file (#25560) 2023-06-28 19:07:29 +02:00
fixtures [GITEA] Improve HTML title on repositories 2023-10-23 15:35:32 +02:00
forgejo/semver [UPGRADE] add sanity checks for [storage*] 2023-10-23 14:20:50 +02:00
forgejo_migrations [SEMVER] store SemVer in ForgejoSemVer after a database upgrade 2023-10-23 14:20:50 +02:00
git Upgrade xorm (#27673) (#27691) 2023-10-19 10:56:39 +00:00
issues [GITEA] enable system users for comment.LoadPoster 2023-10-23 15:35:33 +02:00
migrations [UPGRADE] run sanity checks before the database is upgraded 2023-10-23 14:20:50 +02:00
organization Another round of db.DefaultContext refactor (#27103) (#27262) 2023-09-25 19:24:35 +02:00
packages move repository deletion to service layer (#26948) 2023-09-08 04:51:15 +00:00
perm move repository deletion to service layer (#26948) 2023-09-08 04:51:15 +00:00
project More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
pull
repo [GITEA] Use restricted sanitizer for repository description 2023-10-23 15:35:33 +02:00
secret Refactor secrets modification logic (#26873) 2023-09-05 15:21:02 +00:00
shared/types Display owner of a runner as a tooltip instead of static text (#24377) 2023-05-12 08:43:27 +00:00
system Refactor system setting (#27000) (#27452) 2023-10-05 10:37:59 +00:00
unit Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
unittest [TESTS] tests.AddFixtures helper loads additional per-test fixtures 2023-10-23 14:20:50 +02:00
user [GITEA] enable system users search via the API 2023-10-23 15:35:33 +02:00
webhook Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
error.go Sync branches into databases (#22743) 2023-06-29 10:03:20 +00:00
fixture_generation.go Fix yaml test (#27297) (#27303) 2023-09-27 15:05:35 +08:00
fixture_test.go Fix yaml test (#27297) (#27303) 2023-09-27 15:05:35 +08:00
main_test.go move repository deletion to service layer (#26948) 2023-09-08 04:51:15 +00:00
org.go
org_team.go Use db.WithTx for AddTeamMember to avoid ctx abuse (#27095) 2023-09-16 12:54:23 +00:00
org_team_test.go Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
org_test.go
repo.go Refactor system setting (#27000) (#27452) 2023-10-05 10:37:59 +00:00
repo_test.go
repo_transfer.go Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
repo_transfer_test.go Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00