135/netdisco
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enforce escaping on all template content

Browse Source
This commit is contained in:
Oliver Gorwits
2019-09-23 14:22:00 +01:00
parent 5f378a39ea
commit deb9b62c7f
77 changed files with 392 additions and 387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
share/views/ajax/admintask/orphaned.tt
View File

@@ -22,11 +22,11 @@
<tbody>
[% FOREACH row IN orphans %]
<tr>
<td><a href="[% uri_for('/device') %]?q=[% row.ip | uri %]">
<td><a href="[% uri_for('/device') | none %]?q=[% row.ip | uri %]">
[% row.dns || row.name || row.ip | html_entity %]</a></td>
<td>
[% IF row.location %]
<a href="[% search_device %]&q=[% row.location | uri %]&location=[% row.location | uri %]">
<a href="[% search_device | none %]&q=[% row.location | uri %]&location=[% row.location | uri %]">
[% row.location | html_entity %]</a>
[% ELSE %]
[Not Set]
@@ -55,12 +55,12 @@
[% NEXT IF count == 1 %]
<div class="accordion-group">
<div class="accordion-heading">
<a class="accordion-toggle" data-toggle="collapse" data-target="#collapse-[% count %]" href="#collapse-[% count %]">
<a class="accordion-toggle" data-toggle="collapse" data-target="#collapse-[% count | html_entity %]" href="#collapse-[% count | html_entity %]">
<i class="icon-chevron-up"></i> &nbsp;
Orphaned Network: [% count - 1 | html_entity %] Size: [% network.size | html_entity %] Devices
</a>
</div>
<div id="collapse-[% count %]" class="accordion-body collapse">
<div id="collapse-[% count | html_entity %]" class="accordion-body collapse">
<div class="accordion-inner">
<table class="table table-bordered table-condensed">
<thead>
@@ -75,11 +75,11 @@
<tbody>
[% FOREACH row IN network %]
<tr>
<td><a href="[% uri_for('/device') %]?tab=netmap&q=[% row.ip | uri %]&firstsearch=on">
<td><a href="[% uri_for('/device') | none %]?tab=netmap&q=[% row.ip | uri %]&firstsearch=on">
[% row.dns || row.name || row.ip | html_entity %]</a></td>
<td>
[% IF row.location %]
<a href="[% search_device %]&q=[% row.location | uri %]&location=[% row.location | uri %]">
<a href="[% search_device | none %]&q=[% row.location | uri %]&location=[% row.location | uri %]">
[% row.location | html_entity %]</a>
[% ELSE %]
[Not Set]