Univention Bugzilla – Attachment 6758 Details for
Bug 38036
HTML not escaped
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch v2
38036-UMC_UCR-Encode-HTML-entities-in-descriptio.patch (text/plain), 3.23 KB, created by
Philipp Hahn
on 2015-03-13 11:54 CET
(
hide
)
Description:
Patch v2
Filename:
MIME Type:
Creator:
Philipp Hahn
Created:
2015-03-13 11:54 CET
Size:
3.23 KB
patch
obsolete
>From c153e7c4a0f65842049c06141f35f7d1e9b12927 Mon Sep 17 00:00:00 2001 >Message-Id: <c153e7c4a0f65842049c06141f35f7d1e9b12927.1426244017.git.hahn@univention.de> >From: Philipp Hahn <hahn@univention.de> >Date: Fri, 13 Mar 2015 11:52:43 +0100 >Subject: [PATCH] Bug #38036 UMC_UCR: Encode HTML entities in description and > tool-tip >Organization: Univention GmbH, Bremen, Germany > >Encode HTML entities in Text field and Tool-Tip. Otherwise <http://.../> >gets hidden. >--- > .../univention-management-console-module-ucr/debian/changelog | 6 ++++++ > .../univention-management-console-module-ucr/umc/js/ucr.js | 7 ++++--- > 2 files changed, 10 insertions(+), 3 deletions(-) > >diff --git a/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/debian/changelog b/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/debian/changelog >index 123ddcd..7ce0a2c 100644 >--- a/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/debian/changelog >+++ b/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/debian/changelog >@@ -1,3 +1,9 @@ >+univention-management-console-module-ucr (4.1.1-4) unstable; urgency=low >+ >+ * Bug #38036: Encode HTML entities in description and tool-tip >+ >+ -- Philipp Hahn <hahn@univention.de> Fri, 13 Mar 2015 11:52:02 +0100 >+ > univention-management-console-module-ucr (4.1.1-3) unstable; urgency=medium > > * Bug #37742: fix dialog design for small devices >diff --git a/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/umc/js/ucr.js b/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/umc/js/ucr.js >index 909217d..1617352 100644 >--- a/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/umc/js/ucr.js >+++ b/branches/ucs-4.0/ucs-4.0-1/management/univention-management-console-module-ucr/umc/js/ucr.js >@@ -35,6 +35,7 @@ define([ > "dojo/_base/array", > "dojo/aspect", > "dojo/sniff", >+ "dojox/html/entities", > "dijit/Dialog", > "dijit/form/_TextBoxMixin", > "umc/tools", >@@ -52,7 +53,7 @@ define([ > "umc/widgets/Tooltip", > "umc/i18n!umc/modules/ucr", > "xstyle/css!./ucr.css" >-], function(declare, lang, kernel, array, aspect, has, Dialog, _TextBoxMixin, tools, dialog, Form, Grid, Module, Page, SearchForm, StandbyMixin, TextBox, Text, HiddenInput, ComboBox, Tooltip, _) { >+], function(declare, lang, kernel, array, aspect, has, entities, Dialog, _TextBoxMixin, tools, dialog, Form, Grid, Module, Page, SearchForm, StandbyMixin, TextBox, Text, HiddenInput, ComboBox, Tooltip, _) { > > var _DetailDialog = declare([Dialog, StandbyMixin], { > _form: null, >@@ -135,7 +136,7 @@ define([ > if (text) { > // we have description, update the description field > descWidget.set('visible', true); >- descWidget.set('content', '<i>' + text + '</i>'); >+ descWidget.set('content', '<i>' + entities.encode(text) + '</i>'); > } > else { > // no description -> hide widget and label >@@ -368,7 +369,7 @@ define([ > var item = this._grid.getRowValues(rowIndex); > if (item.description) { > var tooltip = new Tooltip({ >- label: item.description, >+ label: entities.encode(item.description), > connectId: [widget.domNode], > position: ['below'] > }); >-- >1.9.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
Actions:
View
|
Diff
Attachments on
bug 38036
:
6757
| 6758