Merge pull request #2419 from marshmalien/fix/1517-xss-application-token-description

Add sanitize filter to token description field
2026-01-13 11:00:03 -03:30 · 2018-07-05 16:46:10 -04:00 · 2018-07-05 16:46:10 -04:00 · 900cb56950
commit 900cb56950
parent f6c48bc1da b860395949
1 changed files with 1 additions and 1 deletions
--- a/awx/ui/client/features/users/tokens/users-tokens-list.partial.html
+++ b/awx/ui/client/features/users/tokens/users-tokens-list.partial.html
@ -29,7 +29,7 @@
            </at-row-item>
            <at-row-item
                label-value="{{:: vm.strings.get('list.ROW_ITEM_LABEL_DESCRIPTION') }}"
-                value="{{ token.description }}">
+                value="{{ token.description | sanitize }}">
            </at-row-item>
            <at-row-item
                label-value="{{:: vm.strings.get('list.ROW_ITEM_LABEL_SCOPE') }}"