From d539a6715cbc52d7609d364ba8bcb85cd193d5a7 Mon Sep 17 00:00:00 2001
From: John Mitchell <jlmitch5@ncsu.edu>
Date: Wed, 29 Jun 2016 14:40:53 -0400
Subject: [PATCH] fix xss vulnerability when deleting labels

---
 .../src/job-templates/labels/labelsList.directive.js       | 5 +++--
 awx/ui/client/src/shared/Utilities.js                      | 7 +++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/awx/ui/client/src/job-templates/labels/labelsList.directive.js b/awx/ui/client/src/job-templates/labels/labelsList.directive.js
index 00c8e6b06a..ab97b2f5f2 100644
--- a/awx/ui/client/src/job-templates/labels/labelsList.directive.js
+++ b/awx/ui/client/src/job-templates/labels/labelsList.directive.js
@@ -7,7 +7,8 @@ export default
         'ProcessErrors',
         'Prompt',
         '$q',
-        function(templateUrl, Wait, Rest, GetBasePath, ProcessErrors, Prompt, $q) {
+        '$filter',
+        function(templateUrl, Wait, Rest, GetBasePath, ProcessErrors, Prompt, $q, $filter) {
             return {
                 restrict: 'E',
                 scope: false,
@@ -65,7 +66,7 @@ export default
 
                         Prompt({
                             hdr: 'Remove Label from ' + templateName,
-                            body: '<div class="Prompt-bodyQuery">Confirm  the removal of the <span class="Prompt-emphasis">' + labelName + '</span> label.</div>',
+                            body: '<div class="Prompt-bodyQuery">Confirm  the removal of the <span class="Prompt-emphasis">' + $filter('sanitize')(labelName) + '</span> label.</div>',
                             action: action,
                             actionText: 'REMOVE'
                         });
diff --git a/awx/ui/client/src/shared/Utilities.js b/awx/ui/client/src/shared/Utilities.js
index e1d1a5983a..f7ccaf0be4 100644
--- a/awx/ui/client/src/shared/Utilities.js
+++ b/awx/ui/client/src/shared/Utilities.js
@@ -608,8 +608,8 @@ angular.module('Utilities', ['RestServices', 'Utilities', 'sanitizeFilter'])
  * ]
  * ```
  */
-.factory('CreateSelect2', [
-    function () {
+.factory('CreateSelect2', ['$filter',
+    function ($filter) {
         return function (params) {
 
             var element = params.element,
@@ -641,6 +641,9 @@ angular.module('Utilities', ['RestServices', 'Utilities', 'sanitizeFilter'])
                     containerCssClass: 'Form-dropDown',
                     width: '100%',
                     minimumResultsForSearch: Infinity,
+                    escapeMarkup: function(m) {
+                        return $filter('sanitize')(m);
+                    }
                 };
 
                 // multiple-choice directive calls select2 but needs to do so without this custom adapter