Change in ovirt-engine[master]: ui: remove Escape characters for TextBoxLabel
shavivi at redhat.com
shavivi at redhat.com
Tue Jul 1 07:37:59 UTC 2014
Shahar Havivi has submitted this change and it was merged.
Change subject: ui: remove Escape characters for TextBoxLabel
......................................................................
ui: remove Escape characters for TextBoxLabel
The reason that we use:
SafeHtmlUtils.htmlEscape(renderedText);
is to prevent javascript code injection such as <script> etc.
Its looks like the control is already safe rendering (tested with
<script>, <b> and <h1>).
without removing this line its render <>,. as theyer escaped value.
Change-Id: I2e303decb9395fcf193e874b4ae55ab076ec0bba
Bug-Url: https://bugzilla.redhat.com/1113499
Signed-off-by: Shahar Havivi <shaharh at redhat.com>
---
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/widget/label/TextBoxLabel.java
1 file changed, 2 insertions(+), 11 deletions(-)
Approvals:
Tomas Jelinek: Looks good to me, approved
Shahar Havivi: Verified; Looks good to me, approved
Vojtech Szocs: Looks good to me, approved
--
To view, visit http://gerrit.ovirt.org/29292
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I2e303decb9395fcf193e874b4ae55ab076ec0bba
Gerrit-PatchSet: 4
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Shahar Havivi <shavivi at redhat.com>
Gerrit-Reviewer: Alexander Wels <awels at redhat.com>
Gerrit-Reviewer: Omer Frenkel <ofrenkel at redhat.com>
Gerrit-Reviewer: Shahar Havivi <shavivi at redhat.com>
Gerrit-Reviewer: Tomas Jelinek <tjelinek at redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs at redhat.com>
Gerrit-Reviewer: automation at ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
More information about the Engine-commits
mailing list