You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by st...@apache.org on 2014/11/13 17:36:41 UTC
svn commit: r1639383 - in /lucene/dev/trunk/solr: CHANGES.txt
webapp/web/js/scripts/plugins.js
Author: steffkes
Date: Thu Nov 13 16:36:41 2014
New Revision: 1639383
URL: http://svn.apache.org/r1639383
Log:
SOLR-6738: Admin UI - Escape Data on Plugins-View
Modified:
lucene/dev/trunk/solr/CHANGES.txt
lucene/dev/trunk/solr/webapp/web/js/scripts/plugins.js
Modified: lucene/dev/trunk/solr/CHANGES.txt
URL: http://svn.apache.org/viewvc/lucene/dev/trunk/solr/CHANGES.txt?rev=1639383&r1=1639382&r2=1639383&view=diff
==============================================================================
--- lucene/dev/trunk/solr/CHANGES.txt (original)
+++ lucene/dev/trunk/solr/CHANGES.txt Thu Nov 13 16:36:41 2014
@@ -289,6 +289,8 @@ Bug Fixes
scripts; remove -XX:+AggressiveOpts and only set -XX:-UseSuperWord for Java 1.7u40
to u51. (Uwe Schindler, janhoy, hossman, Timothy Potter)
+* SOLR-6738: Admin UI - Escape Data on Plugins-View (steffkes)
+
Optimizations
----------------------
Modified: lucene/dev/trunk/solr/webapp/web/js/scripts/plugins.js
URL: http://svn.apache.org/viewvc/lucene/dev/trunk/solr/webapp/web/js/scripts/plugins.js?rev=1639383&r1=1639382&r2=1639383&view=diff
==============================================================================
--- lucene/dev/trunk/solr/webapp/web/js/scripts/plugins.js (original)
+++ lucene/dev/trunk/solr/webapp/web/js/scripts/plugins.js Thu Nov 13 16:36:41 2014
@@ -235,21 +235,21 @@ var render_plugin_data = function( plugi
}
content += '<li><dl class="clearfix">' + "\n";
- content += '<dt>' + detail_key + ':</dt>' + "\n";
+ content += '<dt>' + detail_key.esc() + ':</dt>' + "\n";
if($.isArray(detail_value)) {
$.each(detail_value, function(index, value) {
- content += '<dd>' + value + '</dd>' + "\n";
+ content += '<dd>' + value.esc() + '</dd>' + "\n";
});
}
else {
- content += '<dd>' + detail_value + '</dd>' + "\n";
+ content += '<dd>' + new String( detail_value ).esc() + '</dd>' + "\n";
}
content += '</dl></li>' + "\n";
}
else if( 'stats' === detail_key && details[detail_key] )
{
content += '<li class="stats clearfix">' + "\n";
- content += '<span>' + detail_key + ':</span>' + "\n";
+ content += '<span>' + detail_key.esc() + ':</span>' + "\n";
content += '<ul>' + "\n";
for( var stats_key in details[detail_key] )
@@ -258,8 +258,8 @@ var render_plugin_data = function( plugi
stats_value = stats_value.replace( /([\(@])/g, '$1​' );
content += '<li><dl class="clearfix">' + "\n";
- content += '<dt>' + stats_key + ':</dt>' + "\n";
- content += '<dd>' + stats_value + '</dd>' + "\n";
+ content += '<dt>' + stats_key.esc() + ':</dt>' + "\n";
+ content += '<dd>' + stats_value.esc() + '</dd>' + "\n";
content += '</dl></li>' + "\n";
}