Final fix for escaping html special chars in tables
This commit is contained in:
parent
d4cfad6363
commit
1fa267ce1b
File diff suppressed because one or more lines are too long
|
@ -3,6 +3,7 @@
|
||||||
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
||||||
{% if sort %}data-sortable="true" {% endif %}
|
{% if sort %}data-sortable="true" {% endif %}
|
||||||
data-visible = "{{visiblility.get(parameter)}}"
|
data-visible = "{{visiblility.get(parameter)}}"
|
||||||
|
data-escape="true"
|
||||||
{% if g.user.role_edit() %}
|
{% if g.user.role_edit() %}
|
||||||
data-editable-type="text"
|
data-editable-type="text"
|
||||||
data-editable-url="{{ url_for('editbook.edit_list_book', param=parameter)}}"
|
data-editable-url="{{ url_for('editbook.edit_list_book', param=parameter)}}"
|
||||||
|
|
|
@ -81,7 +81,7 @@
|
||||||
<table class="table table-no-bordered" id="domain-allow-table" data-url="{{url_for('admin.list_domain', allow=1)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
<table class="table table-no-bordered" id="domain-allow-table" data-url="{{url_for('admin.list_domain', allow=1)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th data-field="domain" id="domain-allow" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 1)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
|
<th data-field="domain" id="domain-allow" data-escape="true" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 1)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
|
||||||
<th data-field="id" id="id-allow" data-visible="false"></th>
|
<th data-field="id" id="id-allow" data-visible="false"></th>
|
||||||
<th data-align="right" data-formatter="TableActions"></th>
|
<th data-align="right" data-formatter="TableActions"></th>
|
||||||
</tr>
|
</tr>
|
||||||
|
@ -91,7 +91,7 @@
|
||||||
<table class="table table-no-bordered" id="domain-deny-table" data-url="{{url_for('admin.list_domain', allow=0)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
<table class="table table-no-bordered" id="domain-deny-table" data-url="{{url_for('admin.list_domain', allow=0)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th data-field="domain" id="domain-deny" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 0)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
|
<th data-field="domain" id="domain-deny" data-escape="true" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 0)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
|
||||||
<th data-field="id" id="id-deny" data-visible="false"></th>
|
<th data-field="id" id="id-deny" data-visible="false"></th>
|
||||||
<th data-align="right" data-formatter="TableActions"></th>
|
<th data-align="right" data-formatter="TableActions"></th>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
<table class="table table-no-bordered" id="restrict-elements-table" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
<table class="table table-no-bordered" id="restrict-elements-table" data-id-field="id" data-show-header="false" data-editable-mode="inline">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th data-field="Element" id="Element" data-editable-type="text" data-editable="true" data-editable-title="{{_('Enter Tag')}}"></th>
|
<th data-field="Element" id="Element" data-escape="true" data-editable-type="text" data-editable="true" data-editable-title="{{_('Enter Tag')}}"></th>
|
||||||
<th data-field="type" id="type" data-visible="true"></th>
|
<th data-field="type" id="type" data-visible="true"></th>
|
||||||
<th data-field="id" id="id" data-visible="false"></th>
|
<th data-field="id" id="id" data-visible="false"></th>
|
||||||
<th data-align="right" data-formatter="RestrictionActions"></th>
|
<th data-align="right" data-formatter="RestrictionActions"></th>
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
{% macro user_table_row(parameter, edit_text, show_text, validate, elements=False) -%}
|
{% macro user_table_row(parameter, edit_text, show_text, validate, elements=False) -%}
|
||||||
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
||||||
data-name="{{ parameter }}"
|
data-name="{{ parameter }}"
|
||||||
|
data-escape="true"
|
||||||
data-visible="{{visiblility.get(parameter)}}"
|
data-visible="{{visiblility.get(parameter)}}"
|
||||||
data-editable-type="text"
|
data-editable-type="text"
|
||||||
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"
|
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"
|
||||||
|
@ -68,7 +69,7 @@
|
||||||
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
<th data-field="{{ parameter }}" id="{{ parameter }}"
|
||||||
data-name="{{ parameter }}"
|
data-name="{{ parameter }}"
|
||||||
data-visible="{{visiblility.get(parameter)}}"
|
data-visible="{{visiblility.get(parameter)}}"
|
||||||
data-editable-type="select"
|
data-escape="true"
|
||||||
data-edit="true"
|
data-edit="true"
|
||||||
data-sortable="true"
|
data-sortable="true"
|
||||||
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"
|
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user