diff options
-rw-r--r-- | tcpproxy-editsmtpentry-html.lsp | 2 | ||||
-rw-r--r-- | tcpproxy-listsmtpentries-html.lsp | 6 | ||||
-rw-r--r-- | tcpproxy-listsmtpfiles-html.lsp | 4 |
3 files changed, 6 insertions, 6 deletions
diff --git a/tcpproxy-editsmtpentry-html.lsp b/tcpproxy-editsmtpentry-html.lsp index 4d5c816..148a24e 100644 --- a/tcpproxy-editsmtpentry-html.lsp +++ b/tcpproxy-editsmtpentry-html.lsp @@ -2,7 +2,7 @@ require("viewfunctions") %> -<H1><%= form.label %></H1> +<H1><%= html.html_escape(form.label) %></H1> <% form.action = page_info.script .. page_info.prefix .. page_info.controller .. "/" .. page_info.action form.value.ipaddr.readonly = true diff --git a/tcpproxy-listsmtpentries-html.lsp b/tcpproxy-listsmtpentries-html.lsp index 87809a9..9a48e7b 100644 --- a/tcpproxy-listsmtpentries-html.lsp +++ b/tcpproxy-listsmtpentries-html.lsp @@ -23,9 +23,9 @@ require("viewfunctions") <%= html.link{value=page_info.script..page_info.prefix..page_info.controller.."/delsmtpentry?ipaddr="..(interface.ipaddr or interface.interface), label="Delete "} %> <% end %> </TD> - <TD style="padding-right:20px;white-space:nowrap;"><%= interface.interface or "" %></TD> - <TD style="padding-right:20px;white-space:nowrap;"><%= interface.ipaddr or "" %></TD> - <TD style="white-space:nowrap;"><%= interface.cmd or "" %></TD> + <TD style="padding-right:20px;white-space:nowrap;"><%= html.html_escape(interface.interface) %></TD> + <TD style="padding-right:20px;white-space:nowrap;"><%= html.html_escape(interface.ipaddr) %></TD> + <TD style="white-space:nowrap;"><%= html.html_escape(interface.cmd) %></TD> </TR> <% end %> </TABLE> diff --git a/tcpproxy-listsmtpfiles-html.lsp b/tcpproxy-listsmtpfiles-html.lsp index 5de93ba..40c8161 100644 --- a/tcpproxy-listsmtpfiles-html.lsp +++ b/tcpproxy-listsmtpfiles-html.lsp @@ -22,7 +22,7 @@ require("viewfunctions") <%= html.link{value=page_info.script..page_info.prefix..page_info.controller.."/delsmtpfile?filename="..file, label="Delete "} %> <% end %> </TD> - <TD style="white-space:nowrap;"><%= file %></TD> + <TD style="white-space:nowrap;"><%= html.html_escape(file) %></TD> </TR> <% end %> </TABLE> @@ -30,7 +30,7 @@ require("viewfunctions") <% if viewlibrary and viewlibrary.dispatch_component and session.permissions.tcpproxy.createsmtpfile then local createform = viewlibrary.dispatch_component("createsmtpfile", nil, true) %> -<H2><%= createform.label %></H2> +<H2><%= html.html_escape(createform.label) %></H2> <% createform.action = page_info.script .. page_info.prefix .. page_info.controller .. "/createsmtpfile" displayform(createform) |