diff options
author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
commit | afcd120c1c5b8d839820259c9d8b488e994fcffe (patch) | |
tree | 4de8e8154f830517eb5b8dd9423973e054d5041b /openssl-html.lsp | |
parent | 9457621e19a8c7475412782ad15225a44302006d (diff) | |
download | acf-openssl-afcd120c1c5b8d839820259c9d8b488e994fcffe.tar.bz2 acf-openssl-afcd120c1c5b8d839820259c9d8b488e994fcffe.tar.xz |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/openssl/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'openssl-html.lsp')
-rw-r--r-- | openssl-html.lsp | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/openssl-html.lsp b/openssl-html.lsp index 4258171..bd2ed7e 100644 --- a/openssl-html.lsp +++ b/openssl-html.lsp @@ -18,7 +18,7 @@ io.write(html.cfe_unpack(view)) <% displaycommandresults({"approve", "deleterequest", "deletemyrequest", "renewcert", "requestrenewcert", "revoke", "deletecert"}, session) %> -<H1>Pending certificate requests<% if view.value.user then%> for <%= view.value.user.value %><% end %></H1> +<H1>Pending certificate requests<% if view.value.user then%> for <%= html.html_escape(view.value.user.value) %><% end %></H1> <% if not view.value.pending or #view.value.pending.value == 0 then %> No certificates pending <% else %> @@ -47,9 +47,9 @@ io.write(html.cfe_unpack(view)) io.write(html.link{value="deletemyrequest?request="..request.name, label="Delete "}) end %> </td> - <td><%= request.user %></td> - <td><%= request.certtype %></td> - <td><%= request.commonName %></td> + <td><%= html.html_escape(request.user) %></td> + <td><%= html.html_escape(request.certtype) %></td> + <td><%= html.html_escape(request.commonName) %></td> </tr> <% end %> </tbody> @@ -74,7 +74,7 @@ else approved = view.value.approved.value end %> -<H1>Approved certificate requests<% if view.value.user then%> for <%= view.value.user.value %><% end %></H1> +<H1>Approved certificate requests<% if view.value.user then%> for <%= html.html_escape(view.value.user.value) %><% end %></H1> <% if #approved == 0 then %> No certificates approved <% else %> @@ -111,18 +111,18 @@ end %> <%= html.link{value="deletecert?cert="..cert.name, label="Delete "} %> <% end %> </td> - <td><%= cert.user %></td> - <td><%= cert.certtype %></td> - <td><%= cert.commonName %></td> - <td><%= tostring(tonumber('0x'..cert.serial)) %></td> - <td><%= cert.enddate %></td> + <td><%= html.html_escape(cert.user) %></td> + <td><%= html.html_escape(cert.certtype) %></td> + <td><%= html.html_escape(cert.commonName) %></td> + <td><%= html.html_escape(tostring(tonumber('0x'..cert.serial))) %></td> + <td><%= html.html_escape(cert.enddate) %></td> </tr> <% end %> <tbody> </table> <% end %> -<H1>Revoked certificates<% if view.value.user then%> for <%= view.value.user.value %><% end %></H1> +<H1>Revoked certificates<% if view.value.user then%> for <%= html.html_escape(view.value.user.value) %><% end %></H1> <% if #revoked == 0 then %> No certificates revoked <% else %> @@ -150,10 +150,10 @@ end %> <%= html.link{value="deletecert?cert="..cert.name, label="Delete "} %> <% end %> </td> - <td><%= cert.user %></td> - <td><%= cert.certtype %></td> - <td><%= cert.commonName %></td> - <td><%= tostring(tonumber('0x'..cert.serial)) %></td> + <td><%= html.html_escape(cert.user) %></td> + <td><%= html.html_escape(cert.certtype) %></td> + <td><%= html.html_escape(cert.commonName) %></td> + <td><%= html.html_escape(tostring(tonumber('0x'..cert.serial))) %></td> </tr> <% end %> </tbody> |