Enforce escaping on all template content

Oliver Gorwits
2019-09-23 14:22:00 +01:00
parent 5f378a39ea
commit deb9b62c7f
77 changed files with 392 additions and 387 deletions


@@ -29,7 +29,7 @@ $(document).ready(function() {
[% IF opt %]
"serverSide": true,
"order": [[ 0, "desc" ]],
"ajax": "[% uri_for('/ajax/content/report/nodevendor/data') %]?[% url(params('query').hash) %]",
"ajax": "[% uri_for('/ajax/content/report/nodevendor/data') | none %]?[% url(params('query').hash) | none %]",
"columns": [
{
"data": 'mac',
@@ -38,17 +38,17 @@ $(document).ready(function() {
if (row.active) {
icon = '';
}
return '<a href="[% search_node %]&q=' + encodeURIComponent(data) + '">' + he.encode(data.toUpperCase()) + icon + '</a>';
return '<a href="[% search_node | none %]&q=' + encodeURIComponent(data) + '">' + he.encode(data.toUpperCase()) + icon + '</a>';
}
}, {
"data": 'oui.abbrev',
"render": function(data, type, row, meta) {
return '<a href="[% uri_for('/report/nodevendor') %]?vendor=' + encodeURIComponent(row.oui.abbrev || 'blank') + '">' + he.encode(row.oui.company ||'(Unknown Vendor)') + '</a>';
return '<a href="[% uri_for('/report/nodevendor') | none %]?vendor=' + encodeURIComponent(row.oui.abbrev || 'blank') + '">' + he.encode(row.oui.company ||'(Unknown Vendor)') + '</a>';
}
}, {
"data": 'port',
"render": function(data, type, row, meta) {
return '<a href="[% device_ports %]&q=' + encodeURIComponent(row.switch) + '&f=' + encodeURIComponent(data) + '&c_nodes=on&n_ssid=on">' + he.encode(row.device.dns || row.device.name || row.switch) + '(' + he.encode(data) + ')</a>';
return '<a href="[% device_ports | none %]&q=' + encodeURIComponent(row.switch) + '&f=' + encodeURIComponent(data) + '&c_nodes=on&n_ssid=on">' + he.encode(row.device.dns || row.device.name || row.switch) + '(' + he.encode(data) + ')</a>';
}
}, {
// Included for filtering
@@ -66,12 +66,12 @@ $(document).ready(function() {
],
[% ELSE %]
"deferRender": true,
"data": [% results %],
"data": [% results | none %],
"columns": [
{
"data": 'vendor',
"render": function(data, type, row, meta) {
return '<a href="[% uri_for('/report/nodevendor') %]?vendor=' + encodeURIComponent(row.abbrev || 'blank') + '">' + he.encode(row.vendor ||'(Unknown Vendor)') + '</a>';
return '<a href="[% uri_for('/report/nodevendor') | none %]?vendor=' + encodeURIComponent(row.abbrev || 'blank') + '">' + he.encode(row.vendor ||'(Unknown Vendor)') + '</a>';
}
}, {
"data": 'count',
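Review bot: `"data": [% results | none %]` in the ELSE branch now writes `results` into the script with no filter at all, so its safety rests entirely on how the value was serialised before it reached the template, which these hunks do not show. Plain JSON encoding leaves `<` and `/` untouched, so if this template is inlined in an HTML page a vendor string containing `</script>` would end the script element; the serialiser should emit `<`, `>` and `&` as `\u003c`, `\u003e` and `\u0026`, and a comment here such as `// results: pre-serialised JSON, HTML-significant characters must already be \u-escaped` would record that contract. The same reliance applies to `[% url(params('query').hash) | none %]` in the first hunk, where request parameters land inside a double-quoted JavaScript string and only `url()` stands between them and the closing quote. The enclosing `$(document).ready` callback starts and ends outside the hunks shown.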