Skip to content
This repository was archived by the owner on Sep 24, 2018. It is now read-only.
This repository was archived by the owner on Sep 24, 2018. It is now read-only.

Profiler labels don't escape HTML #28

Open
Open
Profiler labels don't escape HTML#28
@zzzzBov

Description

@zzzzBov
zzzzBov
opened on Jan 20, 2017

From source, labels are set with:

<td class="profiler-label"><%= $value.name %></td>

I can't tell if this is meant as a "feature" or whether it's an unintentional bug.

If it's a bug I assume it should be something along the lines of:

<td class="profiler-label"><%= MiniProfiler.safeHtml($value.name) %></td>

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions