server/beego
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
beego/server/web
History
Ville Vesilehto 939bb18c66 fix: add proper HTML escaping in renderFormField 
Enhances template safety by escaping user-provided values before inserting
them into HTML output. Improves the function by consistently using escaped
variables throughout the implementation.

- Adds template.HTMLEscapeString for all dynamic values
- Updates variable naming for consistency (escapedName, idAttr, etc.)
- Adds tests to verify proper character escaping works as expected

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
2025-03-26 15:38:28 +08:00
..
captcha
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
context
chore: fix some function names in comment
2025-01-12 15:08:34 +08:00
filter
remove unneccesary elements in keys in Signature()
2024-04-06 16:46:23 +08:00
grace
resolve #5604: using double instead of single hyphen when forking a child process.
2024-04-12 20:16:44 +08:00
mock
session: Support SessionReleaseIfPresent to avoid concurrent problem (#5685)
2024-07-31 21:44:47 +08:00
pagination
rename to v2
2020-12-14 11:12:00 +08:00
session
Fix CVE-2021-27116 CVE-2021-27117
2025-03-15 21:52:43 +08:00
swagger
format code
2020-12-14 12:34:55 +08:00
test/static
bugfix Controller SaveToFile remove all temp file
2023-05-27 14:41:51 +08:00
admin_controller.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
admin_test.go
merge master
2021-09-03 11:40:13 +08:00
admin.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
adminui.go
replace beego.me with beego.vip
2021-11-29 21:29:29 +08:00
beego.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
config_test.go
Add comments for BConfig
2021-08-02 00:01:48 +08:00
config.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
controller_test.go
server: fix typo (#5618)
2024-03-31 21:25:11 +08:00
controller.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
doc.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
error_test.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
error.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
filter_chain_test.go
merge master
2021-09-03 11:40:13 +08:00
filter_test.go
rename to v2
2020-12-14 11:12:00 +08:00
filter.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
flash_test.go
Make compatible
2021-01-03 22:00:47 +08:00
flash.go
format code
2020-12-14 12:34:55 +08:00
fs.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
hooks.go
merge master
2021-09-03 11:40:13 +08:00
LICENSE
using new organization
2020-12-13 23:09:19 +08:00
mime.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
namespace_test.go
replace beego.me with beego.vip
2021-11-29 21:29:29 +08:00
namespace.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
policy.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
router_test.go
chore: fix comment
2024-07-24 17:06:24 +08:00
router.go
fix issue 5732 (#5735)
2025-01-01 10:25:23 +08:00
server_test.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
server.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
staticfile_test.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
staticfile.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
statistics_test.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
statistics.go
merge master
2021-09-03 11:40:13 +08:00
template_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
template.go
Resolve conflicts among master branch and develop branch (#5286)
2023-07-31 23:00:02 +08:00
templatefunc_test.go
fix: add proper HTML escaping in renderFormField
2025-03-26 15:38:28 +08:00
templatefunc.go
fix: add proper HTML escaping in renderFormField
2025-03-26 15:38:28 +08:00
tree_test.go
Fix issue 4961
2022-05-29 07:54:48 +08:00
tree.go
Fix issue 4961
2022-05-29 07:54:48 +08:00
unregroute_test.go
bugfix Controller SaveToFile remove all temp file
2023-05-27 14:41:51 +08:00