dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 20992: Added escaping

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Mon, 09 Nov 2015 10:14:26 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 20992
committer: Markus Bekken <markus.bekken@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2015-11-09 11:13:05 +0100
message:
  Added escaping
modified:
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/addProgramRule.vm
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/updateProgramRule.vm


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/addProgramRule.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/addProgramRule.vm	2015-08-27 19:05:47 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/addProgramRule.vm	2015-11-09 10:13:05 +0000
@@ -41,7 +41,7 @@
 
         var attributeList = new Array();
 	#foreach( $programAttribute in $program.programAttributes )
-            attributeList['$programAttribute.attribute.uid'] = '$programAttribute.attribute.displayName';
+            attributeList['$programAttribute.attribute.uid'] = '$encoder.jsEscape($programAttribute.attribute.displayName, "'" )';
 	#end
 	
 	var sectionSelector = "<select class='actionSections' >";

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/updateProgramRule.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/updateProgramRule.vm	2015-08-27 19:05:47 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-program/src/main/webapp/dhis-web-maintenance-program/updateProgramRule.vm	2015-11-09 10:13:05 +0000
@@ -41,7 +41,7 @@
 
         var attributeList = new Array();
 	#foreach( $programAttribute in $program.programAttributes )
-            attributeList['$programAttribute.attribute.uid'] = '$programAttribute.attribute.displayName';
+            attributeList['$programAttribute.attribute.uid'] = '$encoder.jsEscape($programAttribute.attribute.displayName, "'" )';
 	#end
 	
 	var sectionSelector = "<select class='actionSections' >";