Merge pull request #1314 from axonivy-market/bug/IVYPORTAL-18031-Medi…
…um-DOM-text-reinterpreted-as-HTML-LE

bug/IVYPORTAL-18031-Medium-DOM-text-reinterpreted-as-HTML-LE
chnam-axonivy authored Dec 17, 2024
2 parents f3e1757 + c770f8c commit e41f482
Showing 2 changed files with 19 additions and 3 deletions.
11 changes: 10 additions & 1 deletion AxonIvyPortal/portal/webContent/resources/js/chat.js
@@ -733,7 +733,7 @@ function View(uri)
}
} else {
var userDom = document.createElement('li');
userDom.innerHTML = $('.js-no-users-of-role').val();
userDom.innerHTML = escapeHtml($('.js-no-users-of-role').val());
userList.appendChild(userDom);
}
roleGroupDom.appendChild(userList)
@@ -742,6 +742,15 @@ function View(uri)
}
PF('participants-list-dialog').initPosition();
}

function escapeHtml(unsafe){
return unsafe
.replace(/&/g, "&")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#039;");
}

function initCloneGroup(groupTemplate, groupId) {
var cloneGroup = groupTemplate.cloneNode(true);
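Review bot: As rendered on this page, the first replacement in the `escapeHtml` added to chat.js is `.replace(/&/g, "&")`, which leaves ampersands unescaped, while the copy in welcome-widget.js maps them to `&amp;`; unless that is only a display artifact of this page, the line should read `.replace(/&/g, "&amp;")`. For the changed assignment itself, `userDom.textContent = $('.js-no-users-of-role').val();` would insert the value as plain text without needing a helper. `escapeHtml` also calls `unsafe.replace` directly, so it throws when `.val()` returns `undefined` because no element matched, where the old assignment did not. The function containing the changed assignment starts outside the hunk, and `initCloneGroup` continues past it.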
11 changes: 9 additions & 2 deletions AxonIvyPortal/portal/webContent/resources/js/welcome-widget.js
@@ -1,3 +1,11 @@
function escapeHtml(unsafe){
return unsafe
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#039;");
}
WelcomeWidgetConfiguration = {

oldImageStyleClass : '',
@@ -11,15 +19,14 @@ WelcomeWidgetConfiguration = {
this.updateStyleClasses();
this.updatePreviewImageFit();
},

updatePreviewText : function(isGreeting) {
var previewDialog = $('#new-widget-configuration-dialog');
var welcomeText = previewDialog.find('.js-welcome-text-input.language-to-preview').get(0).value;

if (isGreeting == 'true' || (isGreeting == undefined && $('.js-greeting-text').length != 0)) {
welcomeText = previewDialog.find('.js-greeting-text.language-to-preview').get(0).innerHTML + welcomeText;
}
$('#new-widget-configuration-dialog').find('.js-preview-text').get(0).innerHTML = welcomeText;
$('#new-widget-configuration-dialog').find('.js-preview-text').get(0).innerHTML = escapeHtml(welcomeText);
},

updatePreviewTextPosition : function() {
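Review bot: In `updatePreviewText`, the greeting branch prepends the greeting element's `innerHTML`, which is already HTML-serialized, and the new last line then passes the combined string through `escapeHtml`, so a greeting containing `&`, `<` or any markup is double-encoded and appears literally in the preview (for example `&amp;` instead of `&`). Reading and writing text on both sides avoids this and makes the helper unnecessary here: `welcomeText = previewDialog.find('.js-greeting-text.language-to-preview').get(0).textContent + welcomeText;` and `previewDialog.find('.js-preview-text').get(0).textContent = welcomeText;`. `escapeHtml` is also declared as a global function in chat.js, so a page that loads both scripts keeps only the later definition; one shared helper would be safer than two copies that can drift apart. The `WelcomeWidgetConfiguration` object continues outside the hunk.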
