diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2020-10-25 12:25:13 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2020-10-25 12:25:13 +0900 |
| commit | ec203f7f795766f76b55fecc9248168c1cdf6c99 (patch) | |
| tree | 7d7b34ce0a7aefd2399adfbcc6d4ec2955a1e4aa /src | |
| parent | Clean up (diff) | |
| download | misskey-ec203f7f795766f76b55fecc9248168c1cdf6c99.tar.gz misskey-ec203f7f795766f76b55fecc9248168c1cdf6c99.tar.bz2 misskey-ec203f7f795766f76b55fecc9248168c1cdf6c99.zip | |
Use MFM instead of v-html to avoid XSS
Diffstat (limited to 'src')
| -rw-r--r-- | src/client/components/dialog.vue | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/client/components/dialog.vue b/src/client/components/dialog.vue index 810f4284c9..f157a37eac 100644 --- a/src/client/components/dialog.vue +++ b/src/client/components/dialog.vue @@ -12,8 +12,8 @@ <Fa :icon="faQuestionCircle" v-if="type === 'question'"/> <Fa :icon="faSpinner" pulse v-if="type === 'waiting'"/> </div> - <header v-if="title" v-html="title"></header> - <div class="body" v-if="text" v-html="text"></div> + <header v-if="title"><Mfm :text="title"/></header> + <div class="body" v-if="text"><Mfm :text="text"/></div> <MkInput v-if="input" v-model:value="inputValue" autofocus :type="input.type || 'text'" :placeholder="input.placeholder" @keydown="onInputKeydown"></MkInput> <MkSelect v-if="select" v-model:value="selectedValue" autofocus> <template v-if="select.items"> |