diff options
| author | Stas Vilchik <vilchiks@gmail.com> | 2016-03-08 13:35:08 +0100 |
|---|---|---|
| committer | Stas Vilchik <vilchiks@gmail.com> | 2016-03-08 13:35:08 +0100 |
| commit | 59e3f1c094a78849a52220eacbabb8503eae0fa3 (patch) | |
| tree | 9d50eb61270bbe684bc854b1308cacd2184321fe /server | |
| parent | e3e400e833672839c188b1a82f815b2cbf1e8d42 (diff) | |
| download | sonarqube-59e3f1c094a78849a52220eacbabb8503eae0fa3.tar.gz sonarqube-59e3f1c094a78849a52220eacbabb8503eae0fa3.zip | |
SONAR-7424 Fix SSF-40 & SSF-41
Diffstat (limited to 'server')
| -rw-r--r-- | server/sonar-web/src/main/webapp/WEB-INF/app/views/project/history.html.erb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/project/history.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/project/history.html.erb index 3defad732c2..42952020d52 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/project/history.html.erb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/project/history.html.erb @@ -62,7 +62,7 @@ <tr id="version_<%= index -%>"> <% if version_event %> - <td class="width100"><%= version_event.name if version_event -%></td> + <td class="width100"><%= h(version_event.name) if version_event -%></td> <td class="small edit_actions" style="padding-left:20px"> <a id="version_<%= index -%>_change" href="#" onclick="$j('#version_<%= index -%>').hide();$j('#version_<%= index -%>_form').show();$j('#version_name_<%= index -%>').focus();return false;"><%= message('project_history.rename_version') -%></a> @@ -83,7 +83,7 @@ <tr id="version_<%= index -%>_form" style="display:none;"> <td coslpan="2" class="admin"> <% form_tag( {:action => 'update_version', :sid => snapshot.id }) do -%> - <input id="version_name_<%= index -%>" name="version_name" type="text" value="<%= version_event ? version_event.name : '' -%>" + <input id="version_name_<%= index -%>" name="version_name" type="text" value="<%= version_event ? h(version_event.name) : '' -%>" onKeyUp="if (this.value=='') $j('#save_version_<%= index -%>').disabled='true'; else $j('#save_version_<%= index -%>').disabled='';"/> <%= submit_tag message('save'), :id => 'save_version_' + index.to_s %> <a href="#" onclick="$j('#version_<%= index -%>').show();$j('#version_<%= index -%>_form').hide();"><%= message('cancel') -%></a> @@ -101,7 +101,7 @@ event_index = index.to_s + '-' + index2.to_s %> <tr id="event_<%= event_index -%>"> - <td class="width100"><%= event.name -%></td> + <td class="width100"><%= h event.name -%></td> <td class="small edit_actions" style="padding-left:20px"> <a id="event_<%= event_index -%>_change" href="#" onclick="$j('#event_<%= event_index -%>').hide();$j('#event_<%= event_index -%>_form').show();$j('#event_name_<%= event_index -%>').focus();return false;"><%= message('project_history.rename_event') -%></a> <%= link_to( message('project_history.remove_version'), @@ -112,7 +112,7 @@ <tr id="event_<%= event_index -%>_form" style="display:none;"> <td colspan="2" class="admin"> <% form_tag( {:action => 'update_event', :id => event.id }) do -%> - <input id="event_name_<%= event_index -%>" name="event_name" type="text" value="<%= event.name -%>" + <input id="event_name_<%= event_index -%>" name="event_name" type="text" value="<%= h event.name -%>" onKeyUp="if (this.value=='') $j('#save_event_<%= event_index -%>').disabled='true'; else $j('#save_event_<%= event_index -%>').disabled='';"/> <%= submit_tag message('save'), :id => 'save_event_' + event_index %> <a href="#" onclick="$j('#event_<%= event_index -%>').show();$j('#event_<%= event_index -%>_form').hide();"><%= message('cancel') -%></a> |