vmario/wisemapping-open-source
1
0
Fork 0
mirror of https://bitbucket.org/wisemapping/wisemapping-open-source.git synced 2024-11-22 22:27:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix Javascript Injection bugs.

Browse Source
This commit is contained in:
Paulo Gustavo Veiga 2012-08-29 19:42:24 -03:00
parent d54a689ace
commit 96de014d52
5 changed files with 9 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
wise-webapp/src/main/webapp/js/mindmapList.js
View File

@ -1,22 +1,3 @@
jQuery.fn.dataTableExt.oSort['es_date-asc'] = function (a, b) {
var esDatea = a.split('/');
var esDateb = b.split('/');
var x = (esDatea[2] + esDatea[1] + esDatea[0]) * 1;
var y = (esDateb[2] + esDateb[1] + esDateb[0]) * 1;
return ((x < y) ? -1 : ((x > y) ? 1 : 0));
};
jQuery.fn.dataTableExt.oSort['es_date-desc'] = function (a, b) {
var esDatea = a.split('/');
var esDateb = b.split('/');
var x = (esDatea[2] + esDatea[1] + esDatea[0]) * 1;
var y = (esDateb[2] + esDateb[1] + esDateb[0]) * 1;
return ((x < y) ? 1 : ((x > y) ? -1 : 0));
};
$.fn.dataTableExt.oApi.fnReloadAjax = function (oSettings, sNewSource, fnCallback, bStandingRedraw) { $.fn.dataTableExt.oApi.fnReloadAjax = function (oSettings, sNewSource, fnCallback, bStandingRedraw) {
if (typeof sNewSource != 'undefined' && sNewSource != null) { if (typeof sNewSource != 'undefined' && sNewSource != null) {

8
wise-webapp/src/main/webapp/jsp/mindmapDetail.jsp
View File

@ -12,12 +12,12 @@
<div class="tab-content"> <div class="tab-content">
<div class="tab-pane fade active in" id="general"> <div class="tab-pane fade active in" id="general">
<ul class="unstyled"> <ul class="unstyled">
<li><strong><spring:message code="NAME"/>:</strong> ${mindmap.title}</li> <li><strong><spring:message code="NAME"/>:</strong> <c:out value="${mindmap.title}"/></li>
<li><strong><spring:message code="DESCRIPTION"/>:</strong> ${mindmap.description}</li> <li><strong><spring:message code="DESCRIPTION"/>:</strong> <c:out value="${mindmap.description}"/></li>
<li><strong><spring:message code="CREATOR"/>:</strong> ${mindmap.creator.fullName}</li> <li><strong><spring:message code="CREATOR"/>:</strong> <c:out value="${mindmap.creator.fullName}"/></li>
<li><strong><spring:message code="CREATION_TIME"/>:</strong> ${mindmap.creationTime}</li> <li><strong><spring:message code="CREATION_TIME"/>:</strong> ${mindmap.creationTime}</li>
<li><strong><spring:message code="LAST_UPDATE"/>:</strong> ${mindmap.lastEditTime}</li> <li><strong><spring:message code="LAST_UPDATE"/>:</strong> ${mindmap.lastEditTime}</li>
<li><strong><spring:message code="LAST_UPDATE_BY"/>:</strong> ${mindmap.lastEditor}</li> <li><strong><spring:message code="LAST_UPDATE_BY"/>:</strong> <c:out value="${mindmap.lastEditor}"/></li>
<li><strong> <spring:message code="STARRED"/>:</strong> ${mindmap.starred}</li> <li><strong> <spring:message code="STARRED"/>:</strong> ${mindmap.starred}</li>
</ul> </ul>
</div> </div>

4
wise-webapp/src/main/webapp/jsp/mindmapEmbed.jsp
View File

@ -78,8 +78,8 @@
<div id="zoomOut" class="button"></div> <div id="zoomOut" class="button"></div>
<div id="mapDetails"> <div id="mapDetails">
<span class="title"><spring:message code="CREATOR"/>:</span><span>${mindmap.creator.fullName}</span> <span class="title"><spring:message code="CREATOR"/>:</span><span><c:out value="${mindmap.creator.fullName}"/></span>
<span class="title"><spring:message code="DESCRIPTION"/>:</span><span>${mindmap.title}</span> <span class="title"><spring:message code="DESCRIPTION"/>:</span><span><c:out value="${mindmap.title}"/></span>
</div> </div>
</div> </div>
</div> </div>

2
wise-webapp/src/main/webapp/jsp/mindmapList.jsp
View File

@ -58,7 +58,7 @@
bUseRendered:false, bUseRendered:false,
mDataProp:"title", mDataProp:"title",
fnRender:function (obj) { fnRender:function (obj) {
return '<a href="c/maps/' + obj.aData.id + '/edit">' + obj.aData.title + '</a>'; return $('<a href="c/maps/' + obj.aData.id + '/edit"></a>').text(obj.aData.title).html();
} }
}, },
{ {

4
wise-webapp/src/main/webapp/jsp/mindmapPrint.jsp
View File

@ -113,8 +113,8 @@
<div id="zoomIn" class="button"></div> <div id="zoomIn" class="button"></div>
<div id="mapDetails"> <div id="mapDetails">
<span class="title"><spring:message code="CREATOR"/>:</span><span>${mindmap.creator.fullName}</span> <span class="title"><spring:message code="CREATOR"/>:</span><span><c:out value="${mindmap.creator.fullName}"/></span>
<span class="title"><spring:message code="DESCRIPTION"/>:</span><span>${mindmap.title}</span> <span class="title"><spring:message code="DESCRIPTION"/>:</span><span><c:out value="${mindmap.title}"/></span>
</div> </div>
</div> </div>
</div> </div>