diff options
| author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-06 13:56:32 +0200 |
|---|---|---|
| committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-06 13:56:32 +0200 |
| commit | 78b0bcc19ad3aba0e1e10d7441290a8af82e63bf (patch) | |
| tree | c46055c5d13bea272dcc162170e396c872954513 /templates | |
| parent | 582dba7e944850d39316a15ef9e3297577fb936f (diff) | |
move sanitation of urls to the serverside code to also provide security for clients, fix #151
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/part.items.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/templates/part.items.php b/templates/part.items.php index f9fc3805f..9a067cf6e 100644 --- a/templates/part.items.php +++ b/templates/part.items.php @@ -22,7 +22,7 @@ <h1 class="item_heading">{{ item.title }}</h1> <h1 class="item_title"> <a ng-click="itemBusinessLayer.setRead(item.id)" - target="_blank" ng-href="{{ item.url|ocSanitizeURL }}"> + target="_blank" ng-href="{{ item.url }}"> {{ item.title }} </a> </h1> @@ -30,7 +30,7 @@ <h2 class="item_author"> <span ng-show="itemBusinessLayer.noFeedActive() && feedBusinessLayer.getFeedLink(item.feedId)"> <?php p($l->t('from')) ?> - <a target="_blank" ng-href="{{ feedBusinessLayer.getFeedLink(item.feedId)|ocSanitizeURL }}" + <a target="_blank" ng-href="{{ feedBusinessLayer.getFeedLink(item.feedId) }}" class="from_feed">{{ itemBusinessLayer.getFeedTitle(item.id) }}</a> </span> <span ui-if="item.author"> |