Proxmox/pve-manager
5
0
Fork 0
Code Pull Requests Releases Activity

add htmlEncode to various comment/description fields

Browse Source 
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak 2016-06-09 16:52:13 +02:00 committed by Dietmar Maurer
parent bcf90a51b0
commit 5171a29935
20 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
www/manager/data/PVEProxy.js
View File

@ -51,7 +51,7 @@ Ext.define('PVE.RestProxy', {
text += " (+ " + info.tfa + ")";
}
return text;
return Ext.String.htmlEncode(text);
}
}
],

1
www/manager/dc/AuthView.js
View File

@ -131,6 +131,7 @@ Ext.define('PVE.dc.AuthView', {
id: 'comment',
header: gettext('Comment'),
sortable: false,
renderer: Ext.String.htmlEncode,
dataIndex: 'comment',
flex: 1
}

1
www/manager/dc/GroupView.js
View File

@ -96,6 +96,7 @@ Ext.define('PVE.dc.GroupView', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
],

1
www/manager/dc/PoolView.js
View File

@ -96,6 +96,7 @@ Ext.define('PVE.dc.PoolView', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
],

2
www/manager/dc/SecurityGroups.js
View File

@ -167,7 +167,7 @@ Ext.define('PVE.SecurityGroupList', {
selModel: sm,
columns: [
{ header: gettext('Group'), dataIndex: 'group', width: 100 },
{ header: gettext('Comment'), dataIndex: 'comment', flex: 1 }
{ header: gettext('Comment'), dataIndex: 'comment', renderer: Ext.String.htmlEncode, flex: 1 }
],
listeners: {
itemdblclick: run_editor,

1
www/manager/dc/UserView.js
View File

@ -221,6 +221,7 @@ Ext.define('PVE.dc.UserView', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
],

1
www/manager/form/GroupSelector.js
View File

@ -29,6 +29,7 @@ Ext.define('PVE.form.GroupSelector', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
]

1
www/manager/form/IPRefSelector.js
View File

@ -64,6 +64,7 @@ Ext.define('PVE.form.IPRefSelector', {
{
header: gettext('Comment'),
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
]);

1
www/manager/form/PoolSelector.js
View File

@ -29,6 +29,7 @@ Ext.define('PVE.form.PoolSelector', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
]

1
www/manager/form/SecurityGroupSelector.js
View File

@ -34,6 +34,7 @@ Ext.define('PVE.form.SecurityGroupsSelector', {
{
header: gettext('Comment'),
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
]

1
www/manager/form/UserSelector.js
View File

@ -42,6 +42,7 @@ Ext.define('PVE.form.UserSelector', {
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1
}
]

2
www/manager/grid/FirewallAliases.js
View File

@ -171,7 +171,7 @@ Ext.define('PVE.FirewallAliases', {
columns: [
{ header: gettext('Name'), dataIndex: 'name', width: 100 },
{ header: gettext('IP/CIDR'), dataIndex: 'cidr', width: 100 },
{ header: gettext('Comment'), dataIndex: 'comment', flex: 1 }
{ header: gettext('Comment'), dataIndex: 'comment', renderer: Ext.String.htmlEncode, flex: 1 }
],
listeners: {
itemdblclick: run_editor

1
www/manager/grid/FirewallRules.js
View File

@ -36,6 +36,7 @@ Ext.define('PVE.form.FWMacroSelector', {
{
header: gettext('Description'),
flex: 1,
renderer: Ext.String.htmlEncode,
dataIndex: 'descr'
}
]

2
www/manager/node/APT.js
View File

@ -37,7 +37,7 @@ Ext.define('PVE.node.APT', {
var colspan = headerCt.getColumnCount();
// Usually you would style the my-body-class in CSS file
return {
rowBody: '<div style="padding: 1em">' + data.Description + '</div>',
rowBody: '<div style="padding: 1em">' + Ext.String.htmlEncode(data.Description) + '</div>',
rowBodyColspan: colspan
};
}

1
www/manager/node/ServiceView.js
View File

@ -129,6 +129,7 @@ Ext.define('PVE.node.ServiceView', {
{
header: gettext('Description'),
dataIndex: 'desc',
renderer: Ext.String.htmlEncode,
flex: 1
}
],

2
www/manager/panel/IPSet.js
View File

@ -148,7 +148,7 @@ Ext.define('PVE.IPSetList', {
selModel: sm,
columns: [
{ header: 'IPSet', dataIndex: 'name', width: 100 },
{ header: gettext('Comment'), dataIndex: 'comment', flex: 1 }
{ header: gettext('Comment'), dataIndex: 'comment', renderer: Ext.String.htmlEncode, flex: 1 }
],
listeners: {
itemdblclick: run_editor,

1
www/manager/pool/StatusView.js
View File

@ -13,6 +13,7 @@ Ext.define('PVE.pool.StatusView', {
var rows = {
comment: {
header: gettext('Comment'),
renderer: Ext.String.htmlEncode,
required: true
}
};

1
www/manager/qemu/Options.js
View File

@ -253,6 +253,7 @@ Ext.define('PVE.qemu.Options', {
smbios1: {
header: gettext('SMBIOS settings (type1)'),
defaultValue: '',
renderer: Ext.String.htmlEncode,
editor: caps.vms['VM.Config.HWType'] ? 'PVE.qemu.Smbios1Edit' : undefined
}
};

2
www/manager/qemu/SnapshotTree.js
View File

@ -279,7 +279,7 @@ Ext.define('PVE.qemu.SnapshotTree', {
if (record.data.name === 'current') {
return gettext("You are here!");
} else {
return value;
return Ext.String.htmlEncode(value);
}
}
}

1
www/manager/storage/ContentView.js
View File

@ -59,6 +59,7 @@ Ext.define('PVE.grid.TemplateSelector', {
{
header: gettext('Description'),
flex: 1.5,
renderer: Ext.String.htmlEncode,
dataIndex: 'headline'
}
],