[open-ils-commits] [GIT] Evergreen ILS branch master updated. cc0a346d60f9bfa2f370ef28360c4fc7903801ca
Evergreen Git
git at git.evergreen-ils.org
Wed Jun 17 16:23:12 EDT 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, master has been updated
via cc0a346d60f9bfa2f370ef28360c4fc7903801ca (commit)
from 8e0fcafd5f45ec5ad6e3ffdb4a61321d9977fd00 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cc0a346d60f9bfa2f370ef28360c4fc7903801ca
Author: Bill Erickson <berickxx at gmail.com>
Date: Wed Jun 17 13:27:05 2015 -0400
LP#1446816 HTML-escape notes in XUL patron alert page
Avoid rendering HTML contained in patron messages, etc. in the XUL
patron stop-sign page.
Thanks to Jason Etheridge, ESI for noting this problem and contributing
the original patch fix.
Signed-off-by: Bill Erickson <berickxx at gmail.com>
Signed-off-by: Ben Shum <bshum at biblio.org>
diff --git a/Open-ILS/xul/staff_client/server/patron/display.js b/Open-ILS/xul/staff_client/server/patron/display.js
index 8fd0847..bf3ff02 100644
--- a/Open-ILS/xul/staff_client/server/patron/display.js
+++ b/Open-ILS/xul/staff_client/server/patron/display.js
@@ -974,7 +974,7 @@ patron.display.prototype = {
obj._already_defaulted_once = true;
var msg = ''; obj.stop_checkouts = false;
if (patron.alert_message())
- msg += $("patronStrings").getFormattedString('staff.patron.display.init.network_request.alert_message', [patron.alert_message()]) + '<br/><br/>';
+ msg += $("patronStrings").getFormattedString('staff.patron.display.init.network_request.alert_message', [(patron.alert_message()).replace(/</g,'<').replace(/>/g,'>')]) + '<br/><br/>';
//alert('obj.barcode = ' + obj.barcode);
if (obj.barcode) {
if (patron.cards()) for (var i = 0; i < patron.cards().length; i++) {
@@ -1034,9 +1034,9 @@ patron.display.prototype = {
dl_flag_opened = true;
}
msg += '<dt>';
- msg += obj.OpenILS.data.hash.aou[ penalties[i].org_unit() ].shortname() + ' : ' + penalties[i].standing_penalty().label() + '<br/>';
+ msg += (obj.OpenILS.data.hash.aou[ penalties[i].org_unit() ].shortname() + ' : ' + penalties[i].standing_penalty().label()).replace(/</g,'<').replace(/>/g,'>') + '<br/>';
msg += '</dt><dd>';
- msg += (penalties[i].note())?penalties[i].note():'';
+ msg += ((penalties[i].note())?penalties[i].note():'').replace(/</g,'<').replace(/>/g,'>');
msg += '</dd>';
}
}
-----------------------------------------------------------------------
Summary of changes:
Open-ILS/xul/staff_client/server/patron/display.js | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list