[icinga-checkins] icinga.org: icingaweb2/master: Don' t allow raw double quotes in dashlet URLs

git at icinga.org git at icinga.org
Tue Feb 23 16:34:23 CET 2016


Module: icingaweb2
Branch: master
Commit: 21eeeea7ea67d7f2064a9a0fc64875796c7b8c90
URL:    https://git.icinga.org/?p=icingaweb2.git;a=commit;h=21eeeea7ea67d7f2064a9a0fc64875796c7b8c90

Author: Alexander A. Klimov <alexander.klimov at netways.de>
Date:   Tue Feb 23 13:33:58 2016 +0100

Don't allow raw double quotes in dashlet URLs

---

 application/forms/Dashboard/DashletForm.php |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/application/forms/Dashboard/DashletForm.php b/application/forms/Dashboard/DashletForm.php
index d003814..f3df2c2 100644
--- a/application/forms/Dashboard/DashletForm.php
+++ b/application/forms/Dashboard/DashletForm.php
@@ -5,6 +5,7 @@ namespace Icinga\Forms\Dashboard;
 
 use Icinga\Web\Widget\Dashboard;
 use Icinga\Web\Form;
+use Icinga\Web\Form\Validator\UrlValidator;
 use Icinga\Web\Url;
 use Icinga\Web\Widget\Dashboard\Dashlet;
 
@@ -68,7 +69,8 @@ class DashletForm extends Form
                 'label'         => $this->translate('Url'),
                 'description'   => $this->translate(
                     'Enter url being loaded in the dashlet. You can paste the full URL, including filters.'
-                )
+                ),
+                'validators'    => array(new UrlValidator())
             )
         );
         $this->addElement(



More information about the icinga-checkins mailing list