summaryrefslogtreecommitdiffstats
path: root/tinydns-listpermissions-html.lsp
diff options
context:
space:
mode:
Diffstat (limited to 'tinydns-listpermissions-html.lsp')
-rw-r--r--tinydns-listpermissions-html.lsp6
1 files changed, 3 insertions, 3 deletions
diff --git a/tinydns-listpermissions-html.lsp b/tinydns-listpermissions-html.lsp
index fc80db9..55d09b5 100644
--- a/tinydns-listpermissions-html.lsp
+++ b/tinydns-listpermissions-html.lsp
@@ -6,7 +6,7 @@
<% displaycommandresults({"edituserpermisisons", "editrolepermissions"}, session) %>
-<H1><%= view.label %></H1>
+<H1><%= html.html_escape(view.label) %></H1>
<H2>User Permissions</H2>
<TABLE>
@@ -14,7 +14,7 @@
<% for i,user in ipairs(view.value.user) do %>
<TR><TD><%= html.link{value=page_info.script .. page_info.prefix .. page_info.controller .. "/edituserpermissions?userid=" .. user.id .. "&redir="..page_info.orig_action, label=user.id} %></TD><TD>
<% for y,allowed in pairs(user.allowed) do
- print(allowed, "<BR>")
+ print(html.html_escape(allowed), "<BR>")
end %>
<TD></TR>
<% end %>
@@ -26,7 +26,7 @@
<% for i,role in ipairs(view.value.role) do %>
<TR><TD><%= html.link{value=page_info.script .. page_info.prefix .. page_info.controller .. "/editrolepermissions?role=" .. role.id .. "&redir="..page_info.orig_action, label=role.id} %></TD><TD>
<% for y,allowed in pairs(role.allowed) do
- print(allowed, "<BR>")
+ print(html.html_escape(allowed), "<BR>")
end %>
<TD></TR>
<% end %>
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-18 11:53:27 +0000