diff options
Diffstat (limited to 'interfaces-read-html.lsp')
| -rw-r--r-- | interfaces-read-html.lsp | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/interfaces-read-html.lsp b/interfaces-read-html.lsp index d0984dc..7504a1f 100644 --- a/interfaces-read-html.lsp +++ b/interfaces-read-html.lsp @@ -11,10 +11,10 @@ io.write("</span>") <% showoption = function(option) if option.errtxt or option.value ~= "" then %> - <TR><TD WIDTH='120px' STYLE='font-weight:bold;border:none;'><%= option.label %></TD> + <TR><TD WIDTH='120px' STYLE='font-weight:bold;border:none;'><%= html.html_escape(option.label) %></TD> <TD STYLE='border:none;'<% if option.errtxt then io.write("class='error'") end %>> - <%= string.gsub(tostring(option.value), "\n", "<BR>") %> - <% if option.errtxt then io.write("<BR>"..option.errtxt) end %> + <%= string.gsub(html.html_escape(tostring(option.value)), "\n", "<BR>") %> + <% if option.errtxt then io.write("<BR>"..html.html_escape(option.errtxt)) end %> </TD></TR> <% end %> <% end %> @@ -29,7 +29,7 @@ end %> <DL> <% for i,entry in ipairs(view.value) do local interface = entry.value %> - <DT><IMG SRC='/skins/static/tango/16x16/devices/network-wired.png' width='16' height='16'> <%= interface.name.value %></DT><DD> + <DT><IMG SRC='/skins/static/tango/16x16/devices/network-wired.png' width='16' height='16'> <%= html.html_escape(interface.name.value) %></DT><DD> <TABLE STYLE='margin-bottom:10px'> <% @@ -42,16 +42,16 @@ end %> end %> <TR> <% if session.permissions.interfaces.update then %> - <A HREF='update?name=<%= interface.name.value %>&redir=read'>Edit </A> + <A HREF='update?name=<%= html.html_escape(interface.name.value) %>&redir=read'>Edit </A> <% end if session.permissions.interfaces.delete then %> - <A HREF='delete?name=<%= interface.name.value %>'>Delete </A> + <A HREF='delete?name=<%= html.html_escape(interface.name.value) %>'>Delete </A> <% end if session.permissions.interfaces.ifup then %> - <A HREF='ifup?name=<%= interface.name.value %>'>ifup </A> + <A HREF='ifup?name=<%= html.html_escape(interface.name.value) %>'>ifup </A> <% end if session.permissions.interfaces.ifdown then %> - <A HREF='ifdown?name=<%= interface.name.value %>'>ifdown </A> + <A HREF='ifdown?name=<%= html.html_escape(interface.name.value) %>'>ifdown </A> <% end %> </TR> </TABLE> @@ -63,5 +63,5 @@ end %> <P class="error">WARNING!!! Restarting networking may cause the ACF web interface to stop functioning. Try refreshing this page after restarting. If that fails, you may have to use terminal access to recover.</P> <DL> <DT>Restart Networking</DT> -<DD><form action="<%= page_info.script .. page_info.prefix .. page_info.controller .. "/restart" %>"><input class="submit" type="submit" value="Restart"></form></DD> +<DD><form action="<%= html.html_escape(page_info.script .. page_info.prefix .. page_info.controller .. "/restart") %>"><input class="submit" type="submit" value="Restart"></form></DD> </DL> |