Fixed several other XSS's
This commit is contained in:
Patrik Kernstock
parent
5fd00abf91
commit
4f25a3646e
@ -482,6 +482,7 @@ jQuery(function($){
|
|||||||
}
|
}
|
||||||
item.symbols[key].str = str;
|
item.symbols[key].str = str;
|
||||||
});
|
});
|
||||||
|
item.subject = escapeHtml(item.subject);
|
||||||
item.symbols = Object.keys(item.symbols).
|
item.symbols = Object.keys(item.symbols).
|
||||||
map(function(key) {
|
map(function(key) {
|
||||||
return item.symbols[key];
|
return item.symbols[key];
|
||||||
@ -526,6 +527,8 @@ jQuery(function($){
|
|||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
if (item.ua == null) {
|
if (item.ua == null) {
|
||||||
item.ua = 'unknown';
|
item.ua = 'unknown';
|
||||||
|
} else {
|
||||||
|
item.ua = escapeHtml(item.ua);
|
||||||
}
|
}
|
||||||
item.ua = '<span style="font-size:small">' + item.ua + '</span>';
|
item.ua = '<span style="font-size:small">' + item.ua + '</span>';
|
||||||
if (item.service == "activesync") {
|
if (item.service == "activesync") {
|
||||||
@ -535,7 +538,7 @@ jQuery(function($){
|
|||||||
item.service = '<span class="label label-success">IMAP, SMTP, Cal-/CardDAV</span>';
|
item.service = '<span class="label label-success">IMAP, SMTP, Cal-/CardDAV</span>';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
item.service = '<span class="label label-danger">' + item.service + '</span>';
|
item.service = '<span class="label label-danger">' + escapeHtml(item.service) + '</span>';
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
} else if (table == 'watchdog') {
|
} else if (table == 'watchdog') {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user