From: Dan Brown Date: Sat, 25 Feb 2017 12:41:32 +0000 (+0000) Subject: Prevented custom HTML being inserted on settings page X-Git-Tag: v0.15.0~1^2~7 X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/af3c0e43a59483511ce0271bdbd43b5845d3d1fa Prevented custom HTML being inserted on settings page Gives option for fixing if badly formatted HTML is inserted. Closes #310 --- diff --git a/resources/views/base.blade.php b/resources/views/base.blade.php index a98a37131..bb00ce19e 100644 --- a/resources/views/base.blade.php +++ b/resources/views/base.blade.php @@ -23,9 +23,10 @@ @include('partials/custom-styles') - - @if(setting('app-custom-head')) + @if(setting('app-custom-head') && \Route::currentRouteName() !== 'settings') + {!! setting('app-custom-head') !!} + @endif diff --git a/routes/web.php b/routes/web.php index 076ffb94f..8d166f1d6 100644 --- a/routes/web.php +++ b/routes/web.php @@ -129,7 +129,7 @@ Route::group(['middleware' => 'auth'], function () { // Settings Route::group(['prefix' => 'settings'], function() { - Route::get('/', 'SettingController@index'); + Route::get('/', 'SettingController@index')->name('settings'); Route::post('/', 'SettingController@update'); // Users