From e67e6b32f2b8c31b52c35e34d0e03fe38f7df663 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Andr=C3=A9=20Peters?= Date: Wed, 12 Jul 2017 11:05:43 +0200 Subject: [PATCH] Escape all the things \o/ --- interface/js/app/history.js | 39 ++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/interface/js/app/history.js b/interface/js/app/history.js index 378c3cf7b..8262e8cfd 100644 --- a/interface/js/app/history.js +++ b/interface/js/app/history.js @@ -171,7 +171,8 @@ function($, _, Humanize) { "style": { "font-size": "11px", "minWidth": 88 - } + }, + "formatter": EscapeHTML }, { "name": "sender_mime", "title": "From", @@ -179,7 +180,8 @@ function($, _, Humanize) { "style": { "font-size": "11px", "minWidth": 100 - } + }, + "formatter": EscapeHTML }, { "name": "rcpt_mime", "title": "To", @@ -187,7 +189,8 @@ function($, _, Humanize) { "style": { "font-size": "11px", "minWidth": 100 - } + }, + "formatter": EscapeHTML }, { "name": "subject", "title": "Subject", @@ -204,7 +207,8 @@ function($, _, Humanize) { "style": { "font-size": "11px", "minwidth": 82 - } + }, + "formatter": EscapeHTML }, { "name": "score", "title": "Score", @@ -212,6 +216,7 @@ function($, _, Humanize) { "font-size": "11px", "maxWidth": 110 }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "name": "symbols", @@ -221,7 +226,8 @@ function($, _, Humanize) { "font-size": "11px", "width": 550, "maxWidth": 550 - } + }, + "formatter": EscapeHTML }, { "name": "size", "title": "Msg size", @@ -239,6 +245,7 @@ function($, _, Humanize) { "font-size": "11px", "maxWidth": 72 }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "sorted": true, @@ -248,6 +255,7 @@ function($, _, Humanize) { "style": { "font-size": "11px" }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "name": "user", @@ -256,7 +264,8 @@ function($, _, Humanize) { "style": { "font-size": "11px", "minWidth": 100 - } + }, + "formatter": EscapeHTML }]; } @@ -272,7 +281,8 @@ function($, _, Humanize) { "textOverflow": "ellipsis", "wordBreak": "keep-all", "whiteSpace": "nowrap" - } + }, + "formatter": EscapeHTML }, { "name": "ip", "title": "IP address", @@ -281,7 +291,8 @@ function($, _, Humanize) { "font-size": "11px", "width": 150, "maxWidth": 150 - } + }, + "formatter": EscapeHTML }, { "name": "action", "title": "Action", @@ -289,7 +300,8 @@ function($, _, Humanize) { "font-size": "11px", "width": 110, "maxWidth": 110 - } + }, + "formatter": EscapeHTML }, { "name": "score", "title": "Score", @@ -297,6 +309,7 @@ function($, _, Humanize) { "font-size": "11px", "maxWidth": 110 }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "name": "symbols", @@ -306,7 +319,8 @@ function($, _, Humanize) { "font-size": "11px", "width": 550, "maxWidth": 550 - } + }, + "formatter": EscapeHTML }, { "name": "size", "title": "Message size", @@ -325,6 +339,7 @@ function($, _, Humanize) { "font-size": "11px", "maxWidth": 80 }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "sorted": true, @@ -334,6 +349,7 @@ function($, _, Humanize) { "style": { "font-size": "11px" }, + "formatter": EscapeHTML, "sortValue": function(val) { return Number(val.options.sortValue); } }, { "name": "user", @@ -343,7 +359,8 @@ function($, _, Humanize) { "font-size": "11px", "width": 200, "maxWidth": 200 - } + }, + "formatter": EscapeHTML }]; } -- 2.39.5