From 23a96edebb890914507642e3e7f3403daf1963eb Mon Sep 17 00:00:00 2001 From: pbezliapovich Date: Fri, 28 Jun 2024 11:20:31 +0200 Subject: [PATCH] fix: Fixed loading named settings (#50) Refs: #51 --- app/src/main/resources/js/custom-select.js | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/app/src/main/resources/js/custom-select.js b/app/src/main/resources/js/custom-select.js index 9eaa976..7f16a52 100644 --- a/app/src/main/resources/js/custom-select.js +++ b/app/src/main/resources/js/custom-select.js @@ -126,6 +126,16 @@ SbbCustomSelect.prototype.selectMultipleValues = function(values) { this.handleChange(); }; +// Using code like: +// this.selectElement.innerHTML = "" +// results in XSS vulnerability. The code below solves this issue. +SbbCustomSelect.prototype.setSelectedOptionValue = function(optionText) { + const optionElement = document.createElement("option"); + optionElement.textContent = optionText; + this.selectElement.innerHTML = ''; + this.selectElement.appendChild(optionElement); +}; + SbbCustomSelect.prototype.handleChange = function(event) { if (this.mutiselect) { this.setSelectedOptionValue(this.getSelectedText().join(", ")); @@ -161,14 +171,4 @@ SbbCustomSelect.prototype.handleChange = function(event) { } this.checkboxContainer.style.display = "none"; } - - // Using code like: - // this.selectElement.innerHTML = "" - // results in XSS vulnerability. The code below solves this issue. - SbbCustomSelect.prototype.setSelectedOptionValue = function(optionText) { - const optionElement = document.createElement("option"); - optionElement.textContent = optionText; - this.selectElement.innerHTML = ''; - this.selectElement.appendChild(optionElement); - }; } \ No newline at end of file