135/netdisco
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enforce escaping on all template content

Browse Source
This commit is contained in:
Oliver Gorwits
2019-09-23 14:22:00 +01:00
parent 5f378a39ea
commit deb9b62c7f
77 changed files with 392 additions and 387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
share/views/ajax/report/inventorybymodelbyos.tt
View File

@@ -10,13 +10,13 @@
[% FOREACH row IN results %]
<tr>
<td>
<a href="[% search_device %]&q=[% row.model | uri %]&vendor=[% row.vendor | uri %]&model=[% row.model | uri %]">
<a href="[% search_device | none %]&q=[% row.model | uri %]&vendor=[% row.vendor | uri %]&model=[% row.model | uri %]">
[% row.vendor.ucfirst | html_entity %]&nbsp;[% row.model | html_entity %]</a>
[% IF row.os %] running &quot;[% row.os | html_entity %]&quot;[% END %]
</td>
<td>
<a class="nd_linkcell"
href="[% search_device %]&q=[% row.os_ver | uri %]&vendor=[% row.vendor | uri %]&model=[% row.model | uri %]&os=[% row.os | uri %]&os_ver=[% row.os_ver | uri %]&matchall=on">
href="[% search_device | none %]&q=[% row.os_ver | uri %]&vendor=[% row.vendor | uri %]&model=[% row.model | uri %]&os=[% row.os | uri %]&os_ver=[% row.os_ver | uri %]&matchall=on">
[% row.os_ver | html_entity %]</a>
</td>
<td>[% row.os_ver_count | html_entity %]</td>