From 7501c1e7414f71a44feef23937505bd3eb7e5c28 Mon Sep 17 00:00:00 2001 From: Ted Trask Date: Thu, 15 Jan 2009 21:44:39 +0000 Subject: Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them. git-svn-id: svn://svn.alpinelinux.org/acf/shorewall/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed --- shorewall-details-html.lsp | 4 ++-- shorewall-listfiles-html.lsp | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/shorewall-details-html.lsp b/shorewall-details-html.lsp index d5a65ec..06436b0 100644 --- a/shorewall-details-html.lsp +++ b/shorewall-details-html.lsp @@ -13,7 +13,7 @@ io.write("") viewlibrary.dispatch_component("status") end %> -

<%= data.label %>

+

<%= html.html_escape(data.label) %>

-<%= data.value %>
+<%= html.html_escape(data.value) %>
diff --git a/shorewall-listfiles-html.lsp b/shorewall-listfiles-html.lsp index 3e1c035..0c36913 100644 --- a/shorewall-listfiles-html.lsp +++ b/shorewall-listfiles-html.lsp @@ -15,7 +15,7 @@ io.write("") viewlibrary.dispatch_component("status") end %> -

<%= data.label %>

+

<%= html.html_escape(data.label) %>

@@ -28,13 +28,13 @@ end %> <% for i,file in ipairs(data.value) do %> - - + + <% end %>
<%= html.link{value = "edit?filename=" .. file.filename.."&redir="..page_info.orig_action, label=file.filename} %><%= file.filesize %><%= file.mtime %><%= html.html_escape(file.filesize) %><%= html.html_escape(file.mtime) %>
-
"> +">
Check Configuration
-- cgit v1.2.3