diff options
| author | Raul <r.ferreira.fuentes@gmail.com> | 2022-07-22 15:20:23 +0300 |
|---|---|---|
| committer | Raul <r.ferreira.fuentes@gmail.com> | 2022-07-22 15:20:23 +0300 |
| commit | c6bcc4562486a87066f367539854606f543b108c (patch) | |
| tree | df35740096b642ee100532e23cfdd593a660de5c | |
| parent | c3bb47682592197ce40d6da633be2cf6dbc6bed0 (diff) | |
Fix incorrect HTML encoding of filenamebugfix/html_encoding_filename
Signed-off-by: Raul <r.ferreira.fuentes@gmail.com>
| -rw-r--r-- | src/view/Office.vue | 2 | ||||
| -rw-r--r-- | templates/documents.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/view/Office.vue b/src/view/Office.vue index b1211a2c..7fdf71e3 100644 --- a/src/view/Office.vue +++ b/src/view/Office.vue @@ -27,7 +27,7 @@ id="cool-loading-overlay" :class="{ debug: debug }"> <EmptyContent v-if="!error" icon="icon-loading"> - {{ t('richdocuments', 'Loading {filename} …', { filename: basename }, undefined, { escape: false }) }} + {{ t('richdocuments', 'Loading {filename} …', { filename: basename }, 1, {escape: false}) }} <template #desc> <button @click="close"> {{ t('richdocuments', 'Cancel') }} diff --git a/templates/documents.php b/templates/documents.php index 2169d31b..71380c81 100644 --- a/templates/documents.php +++ b/templates/documents.php @@ -1,6 +1,6 @@ <script nonce="<?php p(\OC::$server->getContentSecurityPolicyNonceManager()->getNonce()) ?>"> var richdocuments_permissions = '<?php p($_['permissions']) ?>'; - var richdocuments_title = '<?php p($_['title']) ?>'; + var richdocuments_title = '<?php print_unescaped(addslashes($_['title'])) ?>'; var richdocuments_fileId = '<?php p($_['fileId']) ?>'; var richdocuments_token = '<?php p($_['token'] ? $_['token'] : "") ?>'; var richdocuments_token_ttl = <?php p($_['token_ttl'] ?: 0) ?>; |