Merge pull request #110 from vrockai/KEYCLOAK-170

KEYCLOAK-170 escape HTML chars in Dialog service
stianst 2013-11-26 06:39:19 -08:00
commit a7a5156b6a


@ -15,9 +15,16 @@ module.service('Auth', function() {
module.service('Dialog', function($dialog) { module.service('Dialog', function($dialog) {
var dialog = {}; var dialog = {};
var escapeHtml = function(str) {
var div = document.createElement('div');
div.appendChild(document.createTextNode(str));
return div.innerHTML;
};
dialog.confirmDelete = function(name, type, success) { dialog.confirmDelete = function(name, type, success) {
var title = 'Delete ' + type.charAt(0).toUpperCase() + type.slice(1); var title = 'Delete ' + escapeHtml(type.charAt(0).toUpperCase() + type.slice(1));
var msg = '<span class="primary">Are you sure you want to permanently delete the ' + type + ' "' + name + '"?</span>' + var msg = '<span class="primary">Are you sure you want to permanently delete the ' + escapeHtml(type) + ' "' + escapeHtml(name) + '"?</span>' +
'<span>This action can\'t be undone.</span>'; '<span>This action can\'t be undone.</span>';
var btns = [ { var btns = [ {
result : 'cancel', result : 'cancel',
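Review bot: The `escapeHtml` helper added at the top of the Dialog service relies on `div.innerHTML` serialization of a text node, which encodes `&`, `<` and `>` but leaves `"` and `'` untouched. That is sufficient for the two uses in `msg`, where `type` and `name` land in element text, but the generic name invites reuse inside a quoted attribute value, where it would not be safe. I would add a comment above it such as `// Escapes &, < and > only: safe for element text, not for quoted attribute values.` It is also worth confirming how the dialog renders `title`: if it is bound as plain text rather than HTML, the escaped title will display literal entities. The body of `confirmDelete` continues outside the hunk, so the remaining uses of `name` and `type` are not visible here.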