Merge pull request #3097 from ansible/jakemcdermott-sanitize-jdetails

sanitize reflected user input on job details page Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2026-05-09 02:17:37 -02:30 · 2019-01-29 21:34:32 +00:00
parent 9bf0d052ab ca64630740
commit 44819987f7
1 changed files with 5 additions and 3 deletions
--- a/awx/ui/client/features/output/details.component.js
+++ b/awx/ui/client/features/output/details.component.js
@@ -114,13 +114,14 @@ function getVerbosityDetails () {
 }
 function getEnvironmentDetails (virtualenv) {
-    const value = virtualenv || resource.model.get('custom_virtualenv');
+    const customVirtualenv = virtualenv || resource.model.get('custom_virtualenv');
-    if (!value || value === '') {
+    if (!customVirtualenv || customVirtualenv === '') {
        return null;
    }
    const label = strings.get('labels.ENVIRONMENT');
    const value = $filter('sanitize')(customVirtualenv);
    return { label, value };
 }
@@ -345,6 +346,7 @@ function getInventoryScmDetails (updateId, updateStatus) {
    const link = `/#/projects/${projectId}`;
    const jobTooltip = strings.get('tooltips.INVENTORY_SCM_JOB');
    const tooltip = strings.get('tooltips.INVENTORY_SCM');
    const value = $filter('sanitize')(projectName);
    let icon;
@@ -354,7 +356,7 @@ function getInventoryScmDetails (updateId, updateStatus) {
        icon = `fa icon-job-${status}`;
    }
-    return { label, link, icon, jobLink, jobTooltip, tooltip, value: projectName };
+    return { label, link, icon, jobLink, jobTooltip, tooltip, value };
 }
 function getSCMRevisionDetails () {