Univention Bugzilla – Attachment 8872 Details for
Bug 44498
UMC doesn't escape HTML from dpkg
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
44498.patch (text/plain), 4.67 KB, created by
Florian Best
on 2017-05-23 11:15 CEST
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Florian Best
Created:
2017-05-23 11:15 CEST
Size:
4.67 KB
patch
obsolete
>diff --git a/management/univention-appcenter/umc/js/appcenter/AppDetailsPage.js b/management/univention-appcenter/umc/js/appcenter/AppDetailsPage.js >index 9cda3b4..cae357d 100644 >--- a/management/univention-appcenter/umc/js/appcenter/AppDetailsPage.js >+++ b/management/univention-appcenter/umc/js/appcenter/AppDetailsPage.js >@@ -957,7 +957,7 @@ define([ > 'values': values || {} > }; > >- this._progressBar.reset(_('%s: Performing software tests on involved systems', entities.encode(this.app.name))); >+ this._progressBar.reset(_('%s: Performing software tests on involved systems', this.app.name)); > this._progressBar._progressBar.set('value', Infinity); // TODO: Remove when this is done automatically by .reset() > var invokation; > if (this.app.installsAsDocker()) { >@@ -1082,7 +1082,7 @@ define([ > if (keepAlive !== false) { > tools.umcpCommand('appcenter/keep_alive', {}, false); > } >- msg = entities.encode(msg || _('Another package operation is in progress.')); >+ msg = msg || _('Another package operation is in progress.'); > var callback = lang.hitch(this, function() { > if (this._progressBar.getErrors().errors.length) { > deferred.reject(); >@@ -1110,14 +1110,17 @@ define([ > var role = match[2]; > var host = match[3]; > error = '<p>' + _('Installing the extension of the LDAP schema on %s seems to have failed.', '<strong>' + entities.encode(host) + '</strong>') + '</p>'; >- if (role == 'DC Backup') { >+ if (role === 'DC Backup') { > error += '<p>' + _('If everything else went correct and this is just a temporary network problem, you should execute %s as root on that backup system.', '<pre>univention-add-app ' + entities.encode(component) + ' -m</pre>') + '</p>'; > } > error += '<p>' + _('Further information can be found in the following log file on each of the involved systems: %s', '<br /><em>/var/log/univention/management-console-module-appcenter.log</em>') + '</p>'; >+ } else { >+ error = entities.encode(error); > } > return error; > }); > this._progressBar._errors = errors; >+ this._progressBar.allowHTMLErrors = true; > this._progressBar.stop(lang.hitch(this, 'restartOrReload'), undefined, true); > }, > >diff --git a/management/univention-appcenter/umc/js/appcenter/PackagesPage.js b/management/univention-appcenter/umc/js/appcenter/PackagesPage.js >index ace2898..879715d 100644 >--- a/management/univention-appcenter/umc/js/appcenter/PackagesPage.js >+++ b/management/univention-appcenter/umc/js/appcenter/PackagesPage.js >@@ -418,8 +418,8 @@ define([ > } > ]; > } else { >- headline = _("Do you really want to %(verb)s %(ids)s?", {verb: verb, ids: array.map(ids, lang.hitch(entities, 'encode')).join(', ')}); >- var msg = _("%(verb)s %(ids)s", {verb: verb1, ids: array.map(ids, lang.hitch(entities, 'encode')).join(', ')}); >+ headline = _("Do you really want to %(verb)s %(ids)s?", {verb: verb, ids: ids.join(', ')}); >+ var msg = _("%(verb)s %(ids)s", {verb: verb1, ids: ids.join(', ')}); > buttons = [ > { > name: 'cancel', >diff --git a/management/univention-web/js/widgets/ProgressBar.js b/management/univention-web/js/widgets/ProgressBar.js >index 656cedd..af908c9 100644 >--- a/management/univention-web/js/widgets/ProgressBar.js >+++ b/management/univention-web/js/widgets/ProgressBar.js >@@ -46,6 +46,8 @@ define([ > // This class provides a widget providing detailed progress information > baseClass: 'umcProgressBar', > >+ allowHTMLErrors: false, >+ > _component: null, > _message: null, > _progressBar: null, >@@ -86,7 +88,7 @@ define([ > this._criticalError = false; > this._errors = []; > >- this._component.set('content', this._initialComponent); >+ this._component.set('content', entities.encode(this._initialComponent)); > > // make sure that at least a not breakable space is printed > // ... this avoids vertical jumping of widgets >@@ -172,10 +174,10 @@ define([ > if (errors.length && handleErrors) { > var msg = ''; > if (errors.length === 1) { >- msg = _('An error occurred: ') + errors[0]; >+ msg = _('An error occurred: ') + this._encodeError(errors[0]); > } else { > msg = lang.replace(_('{number} errors occurred: '), {number : errors.length}); >- msg += '<ul><li>' + errors.join('</li><li>') + '</li></ul>'; >+ msg += '<ul><li>' + array.map(errors, lang.hitch(this, '_encodeError')).join('</li><li>') + '</li></ul>'; > } > dialog.confirm(msg, [{ > label: 'Ok', >@@ -187,6 +189,13 @@ define([ > } > }, > >+ _encodeError: function(error) { >+ if (!this.allowHTMLErrors) { >+ error = entities.encode(error); >+ } >+ return error; >+ }, >+ > getErrors: function() { > return {'errors' : this._errors, 'critical' : this._criticalError}; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
Actions:
View
|
Diff
Attachments on
bug 44498
: 8872