taiga
/
taiga-front
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix history xss

stable
Juanfran 2014-10-31 13:55:28 +01:00
parent 969b79642c
commit ffe15c436b
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/coffee/modules/common/history.coffee
View File

@ -84,11 +84,11 @@ HistoryDirective = ($log, $loading) ->
<div class="activity-fromto"> <div class="activity-fromto">
<p> <p>
<strong> from </strong> <br /> <strong> from </strong> <br />
<span><%= point[0] %></span> <span><%- point[0] %></span>
</p> </p>
<p> <p>
<strong> to </strong> <br /> <strong> to </strong> <br />
<span><%= point[1] %></span> <span><%- point[1] %></span>
</p> </p>
</div> </div>
</div> </div>
@ -103,11 +103,11 @@ HistoryDirective = ($log, $loading) ->
<div class="activity-fromto"> <div class="activity-fromto">
<p> <p>
<strong> from </strong> <br /> <strong> from </strong> <br />
<span><%= from %></span> <span><%- from %></span>
</p> </p>
<p> <p>
<strong> to </strong> <br /> <strong> to </strong> <br />
<span><%= to %></span> <span><%- to %></span>
</p> </p>
</div> </div>
</div> </div>
@ -121,11 +121,11 @@ HistoryDirective = ($log, $loading) ->
<% _.each(diff, function(change) { %> <% _.each(diff, function(change) { %>
<p> <p>
<strong><%= change.name %> from </strong> <br /> <strong><%= change.name %> from </strong> <br />
<span><%= change.from %></span> <span><%- change.from %></span>
</p> </p>
<p> <p>
<strong><%= change.name %> to </strong> <br /> <strong><%= change.name %> to </strong> <br />
<span><%= change.to %></span> <span><%- change.to %></span>
</p> </p>
<% }) %> <% }) %>
</div> </div>