135/netdisco
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enforce escaping on all template content

Browse Source
This commit is contained in:
Oliver Gorwits
2019-09-23 14:22:00 +01:00
parent 5f378a39ea
commit deb9b62c7f
77 changed files with 392 additions and 387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
share/views/ajax/report/devicebylocation.tt
View File

@@ -15,13 +15,13 @@ $(document).ready(function() {
var table = $('#data-table').dataTable({
"deferRender": true,
"order": [[ 0, "asc" ], [2, "asc"], [ 3, "asc" ], [4, "asc"]],
"data": [% results %],
"data": [% results | none %],
"columns": [
{
"data": 'location',
"render": function(data, type, row, meta) {
if (data) {
return '<a href="[% search_device %]&q=' + encodeURIComponent(data) + '&location=' + encodeURIComponent(data) + '">' + he.encode(data) + '</a>';
return '<a href="[% search_device | none %]&q=' + encodeURIComponent(data) + '&location=' + encodeURIComponent(data) + '">' + he.encode(data) + '</a>';
} else {
return '[Not Set]';
@@ -30,22 +30,22 @@ $(document).ready(function() {
}, {
"data": 'ip',
"render": function(data, type, row, meta) {
return '<a href="[% uri_for('/device') %]?q=' + encodeURIComponent(data) + '">' + he.encode(row.dns || row.ip) + '</a>';
return '<a href="[% uri_for('/device') | none %]?q=' + encodeURIComponent(data) + '">' + he.encode(row.dns || row.ip) + '</a>';
}
}, {
"data": 'name',
"render": function(data, type, row, meta) {
return '<a href="[% search_device %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
return '<a href="[% search_device | none %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
}
}, {
"data": 'vendor',
"render": function(data, type, row, meta) {
return '<a href="[% search_device %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
return '<a href="[% search_device | none %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
}
}, {
"data": 'model',
"render": function(data, type, row, meta) {
return '<a href="[% search_device %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
return '<a href="[% search_device | none %]&q=' + encodeURIComponent(data) + '&model=' + encodeURIComponent(data) + '">' + he.encode(data || '') + '</a>';
}
}
],