[pve-devel] [PATCH pve-manager 1/2] htmlEncode values in {Pending, }ObjectGrid by default
Dietmar Maurer
dietmar at proxmox.com
Sun Sep 20 10:19:56 CEST 2015
On 09/18/2015 12:41 PM, Wolfgang Bumiller wrote:
> ---
>
> --- a/www/manager/grid/PendingObjectGrid.js
> +++ b/www/manager/grid/PendingObjectGrid.js
> @@ -63,7 +63,10 @@ Ext.define('PVE.grid.PendingObjectGrid', {
> pendingdelete = '<div style="text-decoration: line-through;">'+ current +'</div>';
We add html tags here.
> }
>
> + current = Ext.util.Format.htmlEncode(current);
> if (pending || pendingdelete) {
> + pending = Ext.util.Format.htmlEncode(pending);
> + pendingdelete = Ext.util.Format.htmlEncode(pendingdelete);
and now encode the html tags?
> return current + '<div style="color:red">' + pending + pendingdelete + '</div>';
> } else {
> return current;
More information about the pve-devel
mailing list