Skip to content

Commit

Permalink
Merge pull request #384 from NaorYaa/patch-1
Browse files Browse the repository at this point in the history 
Sanitize variable which can be controlled by user input
  • Loading branch information
@sadsfae
sadsfae authored Oct 19, 2023
2 parents dfdcc28 + 7f2ea61 commit 961c24b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/issuetracker-webhook.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
echo "Using issue_title: $issue_title"
- name: Google Chat Notification
run: |
export issue_title=$(echo "${{ github.event.issue.title }}" | sed -e "s/'//g" -e 's/"//g')
export issue_title=$(echo "$ISSUE_TITLE" | sed -e "s/'//g" -e 's/"//g')
curl --location --request POST '${{ secrets.WEBHOOK }}' \
--header 'Content-Type: application/json; charset=UTF-8' \
--data "{'text': '[${{ github.event.issue.number }}] ${{ github.event.issue.html_url }} $issue_title (${{ github.event.issue.user.login }})'}"

0 comments on commit 961c24b

Please sign in to comment.