From b76107bb240c54ba4d4c8e1d2badd412e5c473fa Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:23:50 -0500
Subject: [PATCH] Whitelist the "target" link attribute in the XSS filter

---
 src/main/java/com/gitblit/tickets/TicketLabel.java |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/gitblit/tickets/TicketLabel.java b/src/main/java/com/gitblit/tickets/TicketLabel.java
index 686ce88..a7f0ebe 100644
--- a/src/main/java/com/gitblit/tickets/TicketLabel.java
+++ b/src/main/java/com/gitblit/tickets/TicketLabel.java
@@ -30,14 +30,17 @@
 
 	private static final long serialVersionUID = 1L;
 
-	public final String name;
+	public String name;
 
 	public String color;
 
 	public List<QueryResult> tickets;
 
-
 	public TicketLabel(String name) {
+		setName(name);
+	}
+	
+	public void setName(String name) {
 		this.name = name;
 		this.color = StringUtils.getColor(name);
 	}

--
Gitblit v1.9.1