From 5bda9dde0056ed29f4102bfdd78897f1407fc8f7 Mon Sep 17 00:00:00 2001 From: David Gageot Date: Wed, 23 May 2012 17:22:20 +0200 Subject: [PATCH] SONAR-3016 Escape filter name and key --- .../webapp/WEB-INF/app/helpers/widget_properties_helper.rb | 6 +++--- .../WEB-INF/app/views/dashboard/_widget_title.html.erb | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb b/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb index f3fd3475ce7..56aa47c93cc 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb +++ b/sonar-server/src/main/webapp/WEB-INF/app/helpers/widget_properties_helper.rb @@ -52,15 +52,15 @@ module WidgetPropertiesHelper end def options_id(value, values) - values.collect { |f| "" }.to_s + values.collect { |f| "" }.to_s end def options_key(value, values) - values.collect { |f| "" }.to_s + values.collect { |f| "" }.to_s end def option_group(name, options) - options.empty? ? '' : "" + options + "" + options.empty? ? '' : "" + options + "" end end diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb index 0be79c9ef20..448a892f080 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/dashboard/_widget_title.html.erb @@ -1,10 +1,10 @@ <% if widget.properties_as_hash['filter'] and @filter %>
- <%= @filter.name -%> + <%= h @filter.name -%> <% if @filter.period_index %> - (<%= period_names[@filter.period_index-1] -%>) + (<%= h period_names[@filter.period_index-1] -%>) <% end %>
<% elsif @dashboard.global and @resource and !widget.java_definition.global %> -
<%= @resource.name -%>
+
<%= h @resource.name -%>
<% end %> -- 2.39.5