mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-24 21:24:13 -08:00
Fixes #4457 - use un-escaped CSS for custom CSS styles
We are already escaping the CSS in the show_custom_css() method
This commit is contained in:
parent
f137e516a6
commit
edcd3afc3e
|
@ -89,6 +89,18 @@ class Setting extends Model
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* Escapes the custom CSS, and then un-escapes the greater-than symbol
|
||||
* so it can work with direct descendant characters for bootstrap
|
||||
* menu overrides like:
|
||||
*
|
||||
* .skin-blue .sidebar-menu>li.active>a, .skin-blue .sidebar-menu>li:hover>a
|
||||
*
|
||||
* Important: Do not remove the e() escaping here, as we output raw in the blade.
|
||||
*
|
||||
* @return string escaped CSS
|
||||
* @author A. Gianotto <snipe@snipe.net>
|
||||
*/
|
||||
public function show_custom_css()
|
||||
{
|
||||
$custom_css = Setting::getSettings()->custom_css;
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
@endif
|
||||
|
||||
@if ($snipeSettings->custom_css)
|
||||
{{ $snipeSettings->show_custom_css() }}
|
||||
{!! $snipeSettings->show_custom_css() !!}
|
||||
@endif
|
||||
@endif
|
||||
@media (max-width: 400px) {
|
||||
|
|
Loading…
Reference in a new issue