Address some CodeQL security concerns (#35572)

Although there is no real security problem
2025-10-14 12:46:00 +00:00 · 2025-10-04 01:21:26 +08:00
parent c4532101a4
commit 71360a94cb
35 changed files with 118 additions and 78 deletions
--- a/web_src/fomantic/build/components/dropdown.js
+++ b/web_src/fomantic/build/components/dropdown.js
@@ -66,7 +66,7 @@ $.fn.dropdown = function(parameters) {
        moduleNamespace = 'module-' + namespace,

        $module         = $(this),
-        $context        = $(settings.context),
+        $context        = (typeof settings.context === 'string') ? $(document).find(settings.context) : $(settings.context), // GITEA-PATCH: use "jQuery.find(selector)" instead of "jQuery(selector)"
        $text           = $module.find(selector.text),
        $search         = $module.find(selector.search),
        $sizer          = $module.find(selector.sizer),