External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-16 10:40:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2175 from marshmalien/fix/1496-inconsistent-ui-character-escaping

Browse Source 
Use textContent property instead of innerHTML within sanitize filter
This commit is contained in:
Marliana Lara
2018-06-18 13:37:36 -04:00
committed by GitHub
parent af97338190 2a52dceb1a
commit 4b59628075
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
awx/ui/client/features/output/details.component.js
View File

@@ -289,7 +289,7 @@ function getProjectDetails () {
const label = strings.get('labels.PROJECT'); const label = strings.get('labels.PROJECT');
const link = `/#/projects/${project.id}`; const link = `/#/projects/${project.id}`;
const value = $filter('sanitize')(project.name); const value = project.name;
const tooltip = strings.get('tooltips.PROJECT'); const tooltip = strings.get('tooltips.PROJECT');
return { label, link, value, tooltip }; return { label, link, value, tooltip };

2
awx/ui/client/src/shared/filters/xss-sanitizer.filter.js
View File

@@ -6,7 +6,7 @@
export default [function() { export default [function() {
return function(input) { return function(input) {
input = $("<span>").text(input)[0].innerHTML; input = $("<span>").text(input)[0].textContent;
return input; return input;
}; };
}]; }];

2
awx/ui/test/spec/shared/filters/xss-sanitizer.filter-test.js
View File

@@ -12,6 +12,6 @@ describe('Filter: sanitize', () => {
}); });
it('should sanitize xss-vulnerable strings', function(){ it('should sanitize xss-vulnerable strings', function(){
expect(filter("<div>foobar</div>")).toBe("&lt;div&gt;foobar&lt;/div&gt;"); expect(filter("<div>foobar</div>")).toBe("<div>foobar</div>");
}); });
}); });