[pve-devel] [PATCH pve-docs] api-viewer: correctly enscape html when displaying return types.

Dietmar Maurer dietmar at proxmox.com
Thu Sep 13 11:43:12 CEST 2018


Signed-off-by: Dietmar Maurer <dietmar at proxmox.com>
---
 api-viewer/PVEAPI.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api-viewer/PVEAPI.js b/api-viewer/PVEAPI.js
index 835322f..1c34ef2 100644
--- a/api-viewer/PVEAPI.js
+++ b/api-viewer/PVEAPI.js
@@ -198,12 +198,12 @@ Ext.onReady(function() {
 
 		    var returnhtml;
 		    if (retinf.items) {
-			returnhtml = '<pre>items: ' + JSON.stringify(retinf.items, null, 4) + '</pre>';
+			returnhtml = '<pre>items: ' + Ext.htmlEncode(JSON.stringify(retinf.items, null, 4)) + '</pre>';
 		    }
 
 		    if (retinf.properties) {
 			returnhtml = returnhtml || '';
-			returnhtml += '<pre>properties:' + JSON.stringify(retinf.properties, null, 4);
+			returnhtml += '<pre>properties:' + Ext.htmlEncode(JSON.stringify(retinf.properties, null, 4));
 		    }
 
 		    sections.push({
-- 
2.11.0



More information about the pve-devel mailing list