From: David Gageot Date: Wed, 23 May 2012 15:22:20 +0000 (+0200) Subject: SONAR-3016 Escape filter name and key X-Git-Tag: 3.1~98 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=5bda9dde0056ed29f4102bfdd78897f1407fc8f7;p=sonarqube.git SONAR-3016 Escape filter name and key --- diff --git a/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb b/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb index f3fd3475ce7..56aa47c93cc 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb +++ b/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb @@ -52,15 +52,15 @@ module WidgetPropertiesHelper end def options_id(value, values) - values.collect { |f| "" }.to_s + values.collect { |f| "" }.to_s end def options_key(value, values) - values.collect { |f| "" }.to_s + values.collect { |f| "" }.to_s end def option_group(name, options) - options.empty? ? '' : "" + options + "" + options.empty? ? '' : "" + options + "" end end diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb index 0be79c9ef20..448a892f080 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb @@ -1,10 +1,10 @@ <% if widget.properties_as_hash['filter'] and @filter %>
- <%= @filter.name -%> + <%= h @filter.name -%> <% if @filter.period_index %> - (<%= period_names[@filter.period_index-1] -%>) + (<%= h period_names[@filter.period_index-1] -%>) <% end %>
<% elsif @dashboard.global and @resource and !widget.java_definition.global %> -
<%= @resource.name -%>
+
<%= h @resource.name -%>
<% end %>