yetangitu/Peertube
1
0
Fork 0
mirror of https://github.com/Chocobozzz/PeerTube.git synced 2025-10-04 10:19:35 +02:00
Code Issues Releases Wiki Activity

Don't inject untrusted input

Browse source 
Even if it's already checked in middlewares
It's better to have safe modals too
This commit is contained in:
Chocobozzz 2022-11-15 14:41:55 +01:00
parent 6bcb559fc9
commit 4638cd713d
No known key found for this signature in database
GPG key ID: 583A612D890159BE
35 changed files with 101 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

3
shared/server-commands/miscs/sql-command.ts
View file

@ -1,4 +1,5 @@
import { QueryTypes, Sequelize } from 'sequelize'
import { forceNumber } from '@shared/core-utils'
import { AbstractCommand } from '../shared'
export class SQLCommand extends AbstractCommand {
@ -63,7 +64,7 @@ export class SQLCommand extends AbstractCommand {
if (!total) return 0
return parseInt(total + '', 10)
return forceNumber(total)
}
getActorImage (filename: string) {