diff options
author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
commit | 7501c1e7414f71a44feef23937505bd3eb7e5c28 (patch) | |
tree | 5689eadc01717c3ac20127b569e28cc46797fd36 /shorewall-listfiles-html.lsp | |
parent | 77f10141386c423248bb07a5b4ce794ad9aca138 (diff) | |
download | acf-shorewall-7501c1e7414f71a44feef23937505bd3eb7e5c28.tar.bz2 acf-shorewall-7501c1e7414f71a44feef23937505bd3eb7e5c28.tar.xz |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/shorewall/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'shorewall-listfiles-html.lsp')
-rw-r--r-- | shorewall-listfiles-html.lsp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/shorewall-listfiles-html.lsp b/shorewall-listfiles-html.lsp index 3e1c035..0c36913 100644 --- a/shorewall-listfiles-html.lsp +++ b/shorewall-listfiles-html.lsp @@ -15,7 +15,7 @@ io.write("</span>") viewlibrary.dispatch_component("status") end %> -<h1><%= data.label %></h1> +<h1><%= html.html_escape(data.label) %></h1> <TABLE> <TR style="background:#eee;font-weight:bold;"> @@ -28,13 +28,13 @@ end %> <% for i,file in ipairs(data.value) do %> <TR> <TD style="padding-right:20px;white-space:nowrap;"><%= html.link{value = "edit?filename=" .. file.filename.."&redir="..page_info.orig_action, label=file.filename} %></TD> - <TD style="padding-right:20px;white-space:nowrap;"><%= file.filesize %></TD> - <TD style="white-space:nowrap;" width="90%"><%= file.mtime %></TD> + <TD style="padding-right:20px;white-space:nowrap;"><%= html.html_escape(file.filesize) %></TD> + <TD style="white-space:nowrap;" width="90%"><%= html.html_escape(file.mtime) %></TD> </TR> <% end %> </TABLE> <DL> -<form action="<%= page_info.script .. page_info.prefix .. page_info.controller .. "/check" %>"> +<form action="<%= html.html_escape(page_info.script .. page_info.prefix .. page_info.controller .. "/check") %>"> <DT>Check Configuration</DT> <DD><input class="submit" type="submit" value="Check"></DD> </form> |