diff options
| author | nachoparker <nacho@ownyourbits.com> | 2019-01-11 05:22:10 +0300 |
|---|---|---|
| committer | nachoparker <nacho@ownyourbits.com> | 2019-01-11 05:22:21 +0300 |
| commit | 6ba0cb0638160e24070d5ed5ce5212f46a660bbc (patch) | |
| tree | b0ab193e8ab5ab686e6dcc2f744bcce4fc344f99 | |
| parent | 0ff1df9b5c5b411941d1781587a91c65a8bd542f (diff) | |
ncp-web: escape HTML in details boxv1.1.1
| -rw-r--r-- | changelog.md | 8 | ||||
| -rw-r--r-- | ncp-web/js/ncp.js | 9 |
2 files changed, 13 insertions, 4 deletions
diff --git a/changelog.md b/changelog.md index b7dea74c..fc7faac2 100644 --- a/changelog.md +++ b/changelog.md @@ -1,7 +1,11 @@ -[v1.0.2](https://github.com/nextcloud/nextcloudpi/commit/a2f79d2) (2019-01-09) wizard: dont change missing parameters +[v1.1.1](https://github.com/nextcloud/nextcloudpi/commit/a95bc68) (2019-01-10) ncp-web: escape HTML in details box -[v1.0.1](https://github.com/nextcloud/nextcloudpi/commit/f722c45) (2019-01-08) nc-update-nc: remove backup after restoring +[v1.1.0](https://github.com/nextcloud/nextcloudpi/commit/0ff1df9) (2019-01-08) upgrade to NC15 + +[v1.0.2 ](https://github.com/nextcloud/nextcloudpi/commit/06b00e4) (2019-01-09) wizard: dont change missing parameters + +[v1.0.1 ](https://github.com/nextcloud/nextcloudpi/commit/f722c45) (2019-01-08) nc-update-nc: remove backup after restoring [v1.0.0 ](https://github.com/nextcloud/nextcloudpi/commit/013198c) (2019-01-08) ncp-config: allow empty values diff --git a/ncp-web/js/ncp.js b/ncp-web/js/ncp.js index 67ae725c..0f5402e5 100644 --- a/ncp-web/js/ncp.js +++ b/ncp-web/js/ncp.js @@ -164,7 +164,8 @@ function filter_apps(e) search_box.value = ''; var input = $$('#' + match.id + '-config-box input'); input.focus(); - input.selectionStart = input.selectionEnd = input.value.length; + if( input.getAttribute('type') != 'checkbox' ) + input.selectionStart = input.selectionEnd = input.value.length; $('#search-box').animate( {$width: '0px'}, 150 ).then(function() { $('#search-box').hide(); }); history.pushState(null, selectedID, "?app=" + selectedID); return; @@ -209,6 +210,10 @@ $(function() $('#poweroff-dialog').hide(); $('#overlay').hide(); + function escapeHTML(str) { + return str.replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>'); + } + source.addEventListener('message', function(e) { if ( e.origin != 'https://' + window.location.hostname + ':4443') @@ -220,7 +225,7 @@ $(function() if (!selectedID) return; var box_l = $('#' + selectedID + '-details-box'); var box = box_l[0]; - box_l.ht( box.innerHTML + e.data + '<br>' ); + box_l.ht( box.innerHTML + escapeHTML(e.data) + '<br>' ); box.scrollTop = box.scrollHeight; }, false); |