Mirrors
/
aredn
mirror of https://github.com/aredn/aredn.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve description and note escaping (#1497)

This commit is contained in:
Tim Wilkinson 2024-09-12 21:27:29 -07:00 committed by GitHub
parent 36bddd2619
commit 5cad7ac101
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
files/app/main/status/e/basics.ut
View File

@ -72,10 +72,10 @@ if (request.env.REQUEST_METHOD === "PUT") {
}
configuration.prepareChanges();
if ("description_node" in request.args) {
configuration.setSetting("description_node", replace(request.args.description_node || "", "'", ""));
configuration.setSetting("description_node", configuration.escapeString(trim(request.args.description_node)));
}
if ("notes" in request.args) {
uciMesh.set("aredn", "@notes[0]", "private", replace(request.args.notes || "", "'", ""));
uciMesh.set("aredn", "@notes[0]", "private", configuration.escapeString(trim(request.args.notes)));
uciMesh.commit("aredn");
}
if ("node_name" in request.args) {

24
files/usr/share/ucode/aredn/configuration.uc
View File

@ -402,3 +402,27 @@ export function countChanges()
}
return count;
};
const specialCharacters = [
[ "&", "&" ], // Must be first
[ '"', """ ],
[ "'", "'" ],
[ "<", "&lt;" ],
[ ">", "&gt;" ]
];
export function escapeString(s)
{
for (let i = 0; i < length(specialCharacters); i++) {
s = replace(s, specialCharacters[i][0], specialCharacters[i][1]);
}
return s;
};
export function unescapeString(s)
{
for (let i = length(specialCharacters) - 1; i >= 0; i--) {
s = replace(s, specialCharacters[i][1], specialCharacters[i][0]);
}
return s;
};