SSF-19

author Simon Brandhof <simon.brandhof@gmail.com>

Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)

committer Simon Brandhof <simon.brandhof@gmail.com>

Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)
author Simon Brandhof <simon.brandhof@gmail.com>
Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)
committer Simon Brandhof <simon.brandhof@gmail.com>
Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_layout.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_layout.html.erb

index 013e9a882fc9e43d699f9e55c4fae8cdcbcc90bf..5d487d6288192a1a748d1a9c1a31316fd2c346a7 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_layout.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_layout.html.erb
@@ -50,7 +50,7 @@
            <% if selected_section==Navigation::SECTION_HOME %>
              <% ActiveDashboard.user_dashboards(current_user, true).each do |active_dashboard| %>
                <li class="<%= 'active' if @dashboard && controller.controller_path=='dashboard' && active_dashboard.dashboard_id==@dashboard.id -%>">
-                <a href="<%= ApplicationController.root_context -%>/dashboard/?did=<%= active_dashboard.dashboard_id -%>"><%= active_dashboard.dashboard.name(true) -%></a>
+                <a href="<%= ApplicationController.root_context -%>/dashboard/?did=<%= active_dashboard.dashboard_id -%>"><%= h active_dashboard.dashboard.name(true) -%></a>
                </li>
              <% end %>
  
@@ -59,7 +59,7 @@
                selected=request.request_uri.include?("/plugins/home/#{page_url}")
              %>
                <li class="<%= 'active' if selected -%>">
-                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= message(page.getId() + '.page', :default => page.getTitle()) -%></a></li>
+                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= h message(page.getId() + '.page', :default => page.getTitle()) -%></a></li>
              <% end %>
  
              <li class="spacer"></li>
@@ -74,7 +74,7 @@
            <% elsif selected_section==Navigation::SECTION_RESOURCE %>
              <% ActiveDashboard.user_dashboards(current_user, false).each do |active_dashboard| %>
                <li class="<%= 'active' if @dashboard && controller.controller_path=='dashboard' && active_dashboard.dashboard_id==@dashboard.id -%>">
-                <a href="<%= ApplicationController.root_context -%>/dashboard/index/<%= @project.id -%>?did=<%= active_dashboard.dashboard_id -%><%= "&"+period_param if period_param -%>"><%= active_dashboard.dashboard.name(true) -%></a>
+                <a href="<%= ApplicationController.root_context -%>/dashboard/index/<%= @project.id -%>?did=<%= active_dashboard.dashboard_id -%><%= "&"+period_param if period_param -%>"><%= h active_dashboard.dashboard.name(true) -%></a>
                </li>
              <% end %>
              <li class="spacer"></li>
@@ -89,7 +89,7 @@
                page_url = (page.isController() ? "#{page.getId()}?id=#{@project.id}" : "/plugins/resource/#{@project.id}?page=#{page.getId()}")
              %>
                <li class="<%= 'active' if request.request_uri.include?(page_url) -%>">
-                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= message(page.getId() + '.page', :default => page.getTitle()) %></a>
+                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= h message(page.getId() + '.page', :default => page.getTitle()) -%></a>
                </li>
              <% end %>
              <li class="<%= 'active' if controller.controller_path=='cloud' -%>">
@@ -119,7 +119,7 @@
                page_url = (page.isController() ? page.getId() : "/plugins/configuration/#{page.getId()}")
              %>
                <li class="<%= 'active' if request.request_uri.include?(page_url) -%>">
-                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= message(page.getId() + '.page', :default => page.getTitle()) %></a>
+                <a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= h message(page.getId() + '.page', :default => page.getTitle()) %></a>
                </li>
              <% end %>
              <li class="spacer"></li>
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_resource_settings.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_resource_settings.html.erb

index 2eadf79f01d7f85eac9a44389d7359deb5545492..2b7cfbab9808bde054192c144a8ac6d6bb6b9e9a 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_resource_settings.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_resource_settings.html.erb
@@ -35,7 +35,7 @@
            controller.java_facade.getPages(Navigation::SECTION_RESOURCE_CONFIGURATION, @project.scope, @project.qualifier, @project.language, nil).each do |page|
              page_url = "#{page.getId()}?resource=#{@project.id}"
        %>
-        <li><a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= message(page.getId() + '.page', :default => page.getTitle()) -%></a></li>
+        <li><a href="<%= ApplicationController.root_context -%><%= page_url -%>"><%= h message(page.getId() + '.page', :default => page.getTitle()) -%></a></li>
        <%   end
           end %>
      </ul>
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_user.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_user.html.erb

index ec6a9bdaff1db39dbd8ca1253ec9b983c3040ac2..9fa5eed02ab912a8048bff8be39d520f35f27ad6 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_user.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_user.html.erb
@@ -1,5 +1,5 @@
  <li>
-  <a href="#" onclick="showDropdownMenu('user-panel'); return false;" class="link-more"><%= current_user.name -%></a>
+  <a href="#" onclick="showDropdownMenu('user-panel'); return false;" class="link-more"><%= h current_user.name -%></a>
    
    <div id="user-panel" class="dropdown-menu" style="display: none">
      <ul>
@@ -8,4 +8,4 @@
      </ul>
    </div>
    
-</li>
-\ No newline at end of file
+</li>
author	Simon Brandhof <simon.brandhof@gmail.com>
	Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)
committer	Simon Brandhof <simon.brandhof@gmail.com>
	Fri, 6 Sep 2013 08:37:43 +0000 (10:37 +0200)
sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_layout.html.erb		patch \| blob \| history
sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_resource_settings.html.erb		patch \| blob \| history
sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_user.html.erb		patch \| blob \| history