aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-18 22:44:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make HtmlTags safer, properly sanitize in the view as well

Browse Source
This commit is contained in:
nicolas.dorier
2025-01-19 10:59:28 +09:00
parent 1830d398a4
commit d3d6b2d15c
6 changed files with 34 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
BTCPayServer/Plugins/PointOfSale/Controllers/UIPointOfSaleController.cs
View File

@@ -729,7 +729,7 @@ namespace BTCPayServer.Plugins.PointOfSale.Controllers
await _appService.UpdateOrCreateApp(app);
if (wasHtmlModified)
{
TempData[WellKnownTempData.ErrorMessage] = StringLocalizer["Only meta tags are allowed in HTML headers. Your HTML code has been cleaned up accordingly."].Value;
TempData[WellKnownTempData.SuccessMessage] = StringLocalizer["Only meta tags are allowed in HTML headers. Your HTML code has been cleaned up accordingly."].Value;
} else {
TempData[WellKnownTempData.SuccessMessage] = StringLocalizer["App updated"].Value;
}