[pve-devel] [PATCH manager] htmlEncode user fullnames
Dominik Csapak
d.csapak at proxmox.com
Fri Oct 19 12:36:45 CEST 2018
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
www/manager6/dc/UserView.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www/manager6/dc/UserView.js b/www/manager6/dc/UserView.js
index 6dfc1041..5f8bed17 100644
--- a/www/manager6/dc/UserView.js
+++ b/www/manager6/dc/UserView.js
@@ -96,7 +96,7 @@ Ext.define('PVE.dc.UserView', {
var first = firstname || '';
var last = record.data.lastname || '';
- return first + " " + last;
+ return Ext.htmlEncode(first + " " + last);
};
var render_username = function(userid) {
--
2.11.0
More information about the pve-devel
mailing list