diff options
| author | moisseev <moiseev@mezonplus.ru> | 2024-04-09 09:14:07 +0300 |
|---|---|---|
| committer | moisseev <moiseev@mezonplus.ru> | 2024-04-09 09:14:07 +0300 |
| commit | 126584384ea4d7e26289771b4d663e796f2f65f6 (patch) | |
| tree | 1c92111347d770af0625b461f1e02005d257aceb /interface | |
| parent | 748f80fdfe4076488442aecf418fa8ac30bce72e (diff) | |
| download | rspamd-126584384ea4d7e26289771b4d663e796f2f65f6.tar.gz rspamd-126584384ea4d7e26289771b4d663e796f2f65f6.zip | |
[WebUI] Escape HTML characters in errors history
Diffstat (limited to 'interface')
| -rw-r--r-- | interface/js/app/history.js | 4 | ||||
| -rw-r--r-- | interface/js/app/libft.js | 4 |
2 files changed, 5 insertions, 3 deletions
diff --git a/interface/js/app/history.js b/interface/js/app/history.js index 6366f6723..185922087 100644 --- a/interface/js/app/history.js +++ b/interface/js/app/history.js @@ -262,6 +262,10 @@ define(["jquery", "app/common", "app/libft", "footable"], sortValue: item.ts } }; + for (const prop in item) { + if (!{}.hasOwnProperty.call(item, prop)) continue; + if (typeof item[prop] === "string") item[prop] = common.escapeHTML(item[prop]); + } }); if (Object.prototype.hasOwnProperty.call(common.tables, "errors")) { common.tables.errors.rows.load(rows); diff --git a/interface/js/app/libft.js b/interface/js/app/libft.js index e45a1718d..1e81cfd26 100644 --- a/interface/js/app/libft.js +++ b/interface/js/app/libft.js @@ -491,9 +491,7 @@ define(["jquery", "app/common", "footable"], }); break; default: - if (typeof item[prop] === "string") { - item[prop] = common.escapeHTML(item[prop]); - } + if (typeof item[prop] === "string") item[prop] = common.escapeHTML(item[prop]); } } |