[icinga-checkins] icinga.org: icingaweb2/master: Escape messages of notifications loaded by JavaScript

git at icinga.org git at icinga.org
Fri Feb 19 14:23:43 CET 2016


Module: icingaweb2
Branch: master
Commit: 11ea7d99d7b50af7edcfd47533efd95b855279da
URL:    https://git.icinga.org/?p=icingaweb2.git;a=commit;h=11ea7d99d7b50af7edcfd47533efd95b855279da

Author: Alexander A. Klimov <alexander.klimov at netways.de>
Date:   Fri Feb 19 14:10:58 2016 +0100

Escape messages of notifications loaded by JavaScript

---

 public/js/icinga/loader.js |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/js/icinga/loader.js b/public/js/icinga/loader.js
index fbbce39..8a6bf7f 100644
--- a/public/js/icinga/loader.js
+++ b/public/js/icinga/loader.js
@@ -711,7 +711,7 @@
                 c += ' persist';
             }
             var $notice = $(
-                '<li class="' + c + '">' + message + '</li>'
+                '<li class="' + c + '">' + this.icinga.utils.escape(message) + '</li>'
             ).appendTo($('#notifications'));
 
             this.icinga.ui.fixControls();



More information about the icinga-checkins mailing list