[tryton-commits] changeset in sao:default Escape external strings
changeset d1858845ab3a in sao:default
details: https://hg.tryton.org/sao?cmd=changeset;node=d1858845ab3a
description:
Escape external strings
issue9394
review293931002
diffstat:
CHANGELOG| 1 +
src/board.js | 4 ++--
src/tab.js | 6 +++---
src/view/form.js | 2 +-
src/view/tree.js | 8
src/window.js| 16
6 files changed, 19 insertions(+), 18 deletions(-)
diffs (174 lines):
diff -r e2b40d5d11b2 -r d1858845ab3a CHANGELOG
--- a/CHANGELOG Fri Jun 19 00:20:27 2020 +0200
+++ b/CHANGELOG Mon Jun 29 17:29:45 2020 +0200
@@ -1,3 +1,4 @@
+* Escape external string (issue9394)
* Keep context in sessionStorage
* Use existing context for get_preferences
* Escape external strings (issue9351)
diff -r e2b40d5d11b2 -r d1858845ab3a src/board.js
--- a/src/board.js Fri Jun 19 00:20:27 2020 +0200
+++ b/src/board.js Mon Jun 29 17:29:45 2020 +0200
@@ -137,9 +137,9 @@
params);
if (attributes.string) {
-this.title.html(attributes.string);
+this.title.text(attributes.string);
} else {
-this.title.html(this.action.name);
+this.title.text(this.action.name);
}
this.screen.switch_view().done(function() {
this.body.append(this.screen.screen_container.el);
diff -r e2b40d5d11b2 -r d1858845ab3a src/tab.js
--- a/src/tab.jsFri Jun 19 00:20:27 2020 +0200
+++ b/src/tab.jsMon Jun 29 17:29:45 2020 +0200
@@ -406,7 +406,7 @@
role: 'tabpanel',
'class': 'tab-pane',
id: tab.id
-}).html(tab.el)
+}).append(tab.el)
.appendTo(tabcontent);
tab_link.tab('show');
tabs.trigger('ready');
@@ -1358,7 +1358,7 @@
}.bind(this));
this.create_tabcontent();
this.set_name(this.name);
-this.title.html(this.name_el.text());
+this.title.text(this.name_el.text());
},
compare: function(attributes) {
if (!attributes) {
@@ -1398,7 +1398,7 @@
this.set_name(wizard.name);
wizard.tab = this;
this.create_tabcontent();
-this.title.html(this.name_el.text());
+this.title.text(this.name_el.text());
this.el.append(wizard.form);
},
create_toolbar: function() {
diff -r e2b40d5d11b2 -r d1858845ab3a src/view/form.js
--- a/src/view/form.js Fri Jun 19 00:20:27 2020 +0200
+++ b/src/view/form.js Mon Jun 29 17:29:45 2020 +0200
@@ -780,7 +780,7 @@
.append(img)
.text(text))
.appendTo(this.nav);
-pane.html(tab).appendTo(this.panes);
+pane.append(tab).appendTo(this.panes);
if (!this.selected) {
// Can not use .tab('show')
page.addClass('active');
diff -r e2b40d5d11b2 -r d1858845ab3a src/view/tree.js
--- a/src/view/tree.js Fri Jun 19 00:20:27 2020 +0200
+++ b/src/view/tree.js Mon Jun 29 17:29:45 2020 +0200
@@ -1337,7 +1337,7 @@
if (item.length) {
prefix.render(this.record, item);
} else {
-prefix_el.html(prefix.render(this.record));
+
prefix_el.empty().append(prefix.render(this.record));
}
}
}
@@ -1346,7 +1346,7 @@
if (item.length) {
column.render(this.record, item);
} else {
-widget.html(column.render(this.record));
+widget.empty().append(column.render(this.record));
}
if (column.suffixes) {
for (var k = 0; k < column.suffixes.length; k++) {
@@ -1356,7 +1356,7 @@
if (item.length) {
suffix.render(this.record, item);
} else {
-suffix_el.html(suffix.render(this.record));
+
suffix_el.empty().append(suffix.render(this.record));
}
}
}
@@ -1693,7 +1693,7 @@
this.tree.columns.forEach(function(col, idx) {
var td = this._get_column_td(idx);
var static_el = this.get_static_el(td);
-static_el.html(col.render(this.record)).show();
+static_el.empty().append(col.render(this.record)).show();
this.get_editable_el(td)
.empty()
.data('widget', null)
diff -r e2b40d5d11b2 -r d1858845ab3a src/window.js
--- a/src/window.js Fri Jun 19 00:20:27 2020 +0200
+++
[tryton-commits] changeset in sao:default Escape external strings
changeset 2d55ed2f2bb1 in sao:default
details: https://hg.tryton.org/sao?cmd=changeset;node=2d55ed2f2bb1
description:
Escape external strings
issue9351
review301651002
diffstat:
CHANGELOG| 1 +
src/common.js| 72 ++--
src/sao.js | 14 +-
src/screen.js| 8 ++--
src/session.js | 6 ++--
src/tab.js | 18 ++--
src/view/calendar.js | 2 +-
src/view/form.js | 12
src/view/tree.js | 2 +-
src/window.js| 42 +++---
src/wizard.js| 2 +-
11 files changed, 90 insertions(+), 89 deletions(-)
diffs (746 lines):
diff -r fadfa132b4fb -r 2d55ed2f2bb1 CHANGELOG
--- a/CHANGELOG Thu May 21 09:10:46 2020 +0200
+++ b/CHANGELOG Tue May 26 09:57:34 2020 +0200
@@ -1,3 +1,4 @@
+* Escape external strings (issue9351)
* Add context to export URL
* Allow changes to editable tree checkboxes without first selecting the line
diff -r fadfa132b4fb -r 2d55ed2f2bb1 src/common.js
--- a/src/common.js Thu May 21 09:10:46 2020 +0200
+++ b/src/common.js Tue May 26 09:57:34 2020 +0200
@@ -135,12 +135,12 @@
jQuery('', {
'class': 'checkbox'
}).append(jQuery('')
-.append(jQuery('', {
+.text(' ' + k)
+.prepend(jQuery('', {
'type': 'radio',
'name': 'selection',
'value': i
-}))
-.append(' ' + k))
+})))
.appendTo(dialog.body);
});
dialog.body.find('input').first().prop('checked', true);
@@ -148,14 +148,14 @@
jQuery('', {
'class': 'btn btn-link',
'type': 'button'
-}).append(Sao.i18n.gettext('Cancel')).click(function() {
+}).text(Sao.i18n.gettext('Cancel')).click(function() {
dialog.modal.modal('hide');
prm.fail();
}).appendTo(dialog.footer);
jQuery('', {
'class': 'btn btn-primary',
'type': 'button'
-}).append(Sao.i18n.gettext('OK')).click(function() {
+}).text(Sao.i18n.gettext('OK')).click(function() {
var i = dialog.body.find('input:checked').attr('value');
dialog.modal.modal('hide');
prm.resolve(values[keys[i]]);
@@ -767,7 +767,7 @@
this.el = jQuery('', {
title: attributes.string || '',
});
-this.el.append(attributes.string || '');
+this.el.text(attributes.string || '');
if (this.attributes.rule) {
this.el.append(' ').append(jQuery('', {
'class': 'badge'
@@ -2912,14 +2912,14 @@
'aria-hidden': true,
})).append(jQuery('', {
'class': 'sr-only'
-}).append(Sao.i18n.gettext('Message: '))
+}).text(Sao.i18n.gettext('Message: '))
).append(jQuery('')
-.append(message)
+.text(message)
.css('white-space', 'pre-wrap')));
jQuery('', {
'class': 'btn btn-primary',
'type': 'button'
-}).append(Sao.i18n.gettext('OK')).click(function() {
+}).text(Sao.i18n.gettext('OK')).click(function() {
this.close(dialog);
prm.resolve('ok');
}.bind(this)).appendTo(dialog.footer);
@@ -2944,20 +2944,20 @@
'aria-hidden': true,
})).append(jQuery('', {
'class': 'sr-only'
-}).append(Sao.i18n.gettext('Warning: '))
+}).text(Sao.i18n.gettext('Warning: '))
).append(jQuery('')
-.append(title)
+.text(title)
.css('white-space', 'pre-wrap'));
if (message) {
content.append(jQuery('')
-.append(message)
+.text(message)
.css('white-space', 'pre-wrap'));
}
dialog.body.append(content);
jQuery('', {
'class': 'btn btn-primary',
'type': 'button'
-}).append(Sao.i18n.gettext('OK')).click(function() {
+}).text(Sao.i18n.gettext('OK')).click(function() {
this.close(dialog);
prm.resolve('ok');
}.bind(this)).appendTo(dialog.footer);
@@ -2978,7 +2978,7 @@
'class': 'checkbox',
}).append(jQuery('')
.append(always)
-.append(Sao.i18n.gettext('Always ignore this warning.')))
+.text(Sao.i18n.gettext('Always ignore this warning.')))
);
dialog.body.append(jQuery('')
.text(Sao.i18n.gettext('Do you want to proceed?')));
