Skip to content

Commit

Permalink
Fixes #37437 - Prevent XSS issue for pages using react and angular
Browse files Browse the repository at this point in the history
  • Loading branch information
@sbernhard @MariaAga
sbernhard authored and MariaAga committed May 14, 2024
1 parent 9b91cc9 commit 5b00e9e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/helpers/layout_helper.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ def fetch_locations
end

def fetch_user
{ current_user: User.current, user_dropdown: Menu::Manager.to_hash(:side_menu), impersonated_by: User.unscoped.find_by_id(session[:impersonated_by]) }
{ current_user: User.current.as_json(only: [:id, :firstname, :lastname, :mail, :admin, :last_login_on, :name]), user_dropdown: Menu::Manager.to_hash(:side_menu), impersonated_by: User.unscoped.find_by_id(session[:impersonated_by]) }
end

def layout_data
Expand Down

0 comments on commit 5b00e9e

Please sign in to comment.