Pathogen
/
neptune
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Escape fields before passing to JS

Browse Source
modern-tables
Mark Veidemanis 2 years ago
parent 83b6285931
commit 5cc04863ac
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File

7
core/templates/ui/drilldown/drilldown.html
Unescape Escape View File

@ -5,7 +5,12 @@
<script> <script>
function populateSearch(field, value) { function populateSearch(field, value) {
var queryElement = document.getElementById('query'); var queryElement = document.getElementById('query');
var toAppend = ` AND ${field}: ${value}`; var present = true;
if (present == true) {
var toAppend = ` AND ${field}: "${value}"`;
} else {
var toAppend = ` AND NOT ${field}: "${value}"`;
}
if (!queryElement.value.includes(toAppend)) { if (!queryElement.value.includes(toAppend)) {
queryElement.value+=toAppend; queryElement.value+=toAppend;
} else { } else {

12
core/templates/ui/drilldown/results.html
Unescape Escape View File

@ -65,7 +65,7 @@
{% endif %} {% endif %}
<td> <td>
<a class="has-text-link is-underlined" <a class="has-text-link is-underlined"
onclick="populateSearch('src', '{{ item.src }}')"> onclick="populateSearch('src', '{{ item.src|escapejs }}')">
{% if item.src == 'irc' %} {% if item.src == 'irc' %}
<span class="icon" data-tooltip="IRC"> <span class="icon" data-tooltip="IRC">
<i class="fa-solid fa-hashtag" aria-hidden="true"></i> <i class="fa-solid fa-hashtag" aria-hidden="true"></i>
@ -79,7 +79,7 @@
</td> </td>
<td> <td>
<a class="has-text-link is-underlined" <a class="has-text-link is-underlined"
onclick="populateSearch('type', '{{ item.type }}')"> onclick="populateSearch('type', '{{ item.type|escapejs }}')">
{% if item.type == 'msg' %} {% if item.type == 'msg' %}
<span class="icon" data-tooltip="Message"> <span class="icon" data-tooltip="Message">
<i class="fa-solid fa-message"></i> <i class="fa-solid fa-message"></i>
@ -120,7 +120,7 @@
<td style="max-width: 10em" class="wrap">{{ item.msg }}</td> <td style="max-width: 10em" class="wrap">{{ item.msg }}</td>
<td> <td>
<a class="has-text-link is-underlined" <a class="has-text-link is-underlined"
onclick="populateSearch('host', '{{ item.host }}')"> onclick="populateSearch('host', '{{ item.host|escapejs }}')">
{{ item.host }} {{ item.host }}
</a> </a>
</td> </td>
@ -141,7 +141,7 @@
</span> </span>
{% endif %} {% endif %}
</div> </div>
<a class="nowrap-child has-text-link is-underlined" onclick="populateSearch('nick', '{{ item.nick }}')"> <a class="nowrap-child has-text-link is-underlined" onclick="populateSearch('nick', '{{ item.nick|escapejs }}')">
{{ item.nick }} {{ item.nick }}
</a> </a>
{% if item.num_chans is not None %} {% if item.num_chans is not None %}
@ -169,7 +169,7 @@
<td> <td>
<div class="nowrap-parent"> <div class="nowrap-parent">
<a class="nowrap-child has-text-link is-underlined" <a class="nowrap-child has-text-link is-underlined"
onclick="populateSearch('channel', '{{ item.channel }}')"> onclick="populateSearch('channel', '{{ item.channel|escapejs }}')">
{{ item.channel }} {{ item.channel }}
</a> </a>
{% if item.num_users is not None %} {% if item.num_users is not None %}
@ -183,7 +183,7 @@
</td> </td>
<td> <td>
<a class="has-text-link is-underlined" <a class="has-text-link is-underlined"
onclick="populateSearch('net', '{{ item.net }}')"> onclick="populateSearch('net', '{{ item.net|escapejs }}')">
{{ item.net }} {{ item.net }}
</a> </a>
</td> </td>

Write Preview
Loading…
Cancel
Save