Replace v-html with v-safe-html in repository file table rows
What does this MR do and why?
From &4273 (closed)
Gitlab-org/gitlab lints against using
v-html
. It was implemented as per #232488 (closed) to prevent against XSS vulnerabilities and as part of the effort to improve frontend security posture.
The project has many
v-html
usages and we need to audit each one of them & replace with a secure alternative likev-safe-html
orv-text
wherever possible.
This MR replaces v-html
with v-safe-html
(by using GlSafeHTMLDirective) in app/assets/javascripts/repository/components/table/row.vue
.
Screenshots or screen recordings
N/A
How to set up and validate locally
N/A
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Eugie Limpin