shaba/awx
1
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 23:51:09 +03:00
Code Releases Activity

Merge pull request #149 from mabashian/7283-xss-schedules

Browse Source 
Sanitize schedule titles
This commit is contained in:
Michael Abashian 2017-08-03 09:36:13 -04:00 committed by GitHub
commit 77f4e21e19
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
awx/ui/client/src/scheduler/main.js
View File

@ -85,9 +85,9 @@ export default
},
views: {
'@': {
templateProvider: function(ScheduleList, generateList, ParentObject){
templateProvider: function(ScheduleList, generateList, ParentObject, $filter){
// include name of parent resource in listTitle
ScheduleList.listTitle = `${ParentObject.name}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
ScheduleList.listTitle = `${$filter('sanitize')(ParentObject.name)}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
let html = generateList.build({
list: ScheduleList,
mode: 'edit'
@ -178,9 +178,9 @@ export default
},
views: {
'@': {
templateProvider: function(ScheduleList, generateList, ParentObject){
templateProvider: function(ScheduleList, generateList, ParentObject, $filter){
// include name of parent resource in listTitle
ScheduleList.listTitle = `${ParentObject.name}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
ScheduleList.listTitle = `${$filter('sanitize')(ParentObject.name)}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
let html = generateList.build({
list: ScheduleList,
mode: 'edit'
@ -268,9 +268,9 @@ export default
},
views: {
'@': {
templateProvider: function(ScheduleList, generateList, ParentObject){
templateProvider: function(ScheduleList, generateList, ParentObject, $filter){
// include name of parent resource in listTitle
ScheduleList.listTitle = `${ParentObject.name}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
ScheduleList.listTitle = `${$filter('sanitize')(ParentObject.name)}<div class='List-titleLockup'></div>` + N_('SCHEDULES');
let html = generateList.build({
list: ScheduleList,
mode: 'edit'