mirror of
https://github.com/nextcloud/passman.git
synced 2025-11-07 03:26:06 +08:00
add angular based own escapeHTML filter
This commit is contained in:
binsky
parent
8b2eeb9eb2
commit
c80ebf3449
5 changed files with 44 additions and 14 deletions
|
|
@ -31,7 +31,7 @@
|
|||
* Controller of the passmanApp
|
||||
*/
|
||||
angular.module('passmanApp')
|
||||
.controller('PublicSharedCredential', ['$scope', 'ShareService', '$window', 'EncryptService', 'NotificationService', '$translate', function ($scope, ShareService, $window, EncryptService, NotificationService, $translate) {
|
||||
.controller('PublicSharedCredential', ['$scope', 'ShareService', '$window', 'EncryptService', 'NotificationService', '$translate', 'escapeHTMLFilter', function ($scope, ShareService, $window, EncryptService, NotificationService, $translate, escapeHTMLFilter) {
|
||||
var _key;
|
||||
$scope.loading = false;
|
||||
$scope.loadSharedCredential = function () {
|
||||
|
|
@ -58,7 +58,7 @@
|
|||
return;
|
||||
}
|
||||
var file_data = EncryptService.decryptString(result.file_data, _key);
|
||||
download(file_data, ShareService.escapeHTML(file.filename), file.mimetype);
|
||||
download(file_data, escapeHTMLFilter(file.filename), file.mimetype);
|
||||
});
|
||||
};
|
||||
}]);
|
||||
|
|
|
|||
|
|
@ -29,8 +29,8 @@
|
|||
* # passwordGen
|
||||
*/
|
||||
angular.module('passmanApp')
|
||||
.directive('credentialTemplate', ['EncryptService', '$translate', 'FileService', 'ShareService', 'NotificationService', 'CredentialService',
|
||||
function (EncryptService, $translate, FileService, ShareService, NotificationService, CredentialService) {
|
||||
.directive('credentialTemplate', ['EncryptService', '$translate', 'FileService', 'ShareService', 'NotificationService', 'CredentialService', 'escapeHTMLFilter',
|
||||
function (EncryptService, $translate, FileService, ShareService, NotificationService, CredentialService, escapeHTMLFilter) {
|
||||
return {
|
||||
templateUrl: 'views/partials/credential_template.html',
|
||||
replace: true,
|
||||
|
|
@ -49,7 +49,7 @@
|
|||
|
||||
}
|
||||
var file_data = EncryptService.decryptString(result.file_data, key);
|
||||
download(file_data, ShareService.escapeHTML(file.filename), file.mimetype);
|
||||
download(file_data, escapeHTMLFilter(file.filename), file.mimetype);
|
||||
|
||||
};
|
||||
|
||||
|
|
|
|||
38
js/app/filters/escapeHTML.js
Normal file
38
js/app/filters/escapeHTML.js
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
/**
|
||||
* Nextcloud - passman
|
||||
*
|
||||
* @copyright Copyright (c) 2016, Sander Brand (brantje@gmail.com)
|
||||
* @copyright Copyright (c) 2016, Marcos Zuriaga Miguel (wolfi@wolfi.es)
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
(function () {
|
||||
'use strict';
|
||||
|
||||
/**
|
||||
* @ngdoc filter
|
||||
* @name passmanApp.filter:escapeHTML
|
||||
* @function
|
||||
* @description Sanitizes a HTML string by replacing all potential dangerous characters with HTML entities
|
||||
*/
|
||||
angular.module('passmanApp')
|
||||
.filter('escapeHTML', function () {
|
||||
return function (s) {
|
||||
return s.toString().split('&').join('&').split('<').join('<').split('>').join('>').split('"').join('"').split('\'').join(''');
|
||||
};
|
||||
});
|
||||
}());
|
||||
|
|
@ -310,15 +310,6 @@
|
|||
|
||||
setTimeout(workload.bind(this), 0);
|
||||
});
|
||||
},
|
||||
|
||||
/**
|
||||
* Sanitizes a HTML string by replacing all potential dangerous characters with HTML entities
|
||||
* @param {string} s String to sanitize
|
||||
* @return {string} Sanitized string
|
||||
*/
|
||||
escapeHTML: function (s) {
|
||||
return s.toString().split('&').join('&').split('<').join('<').split('>').join('>').split('"').join('"').split('\'').join(''');
|
||||
}
|
||||
};
|
||||
}]);
|
||||
|
|
|
|||
|
|
@ -51,6 +51,7 @@ script('passman', 'app/filters/range');
|
|||
script('passman', 'app/filters/propsfilter');
|
||||
script('passman', 'app/filters/byte');
|
||||
script('passman', 'app/filters/tagfilter');
|
||||
script('passman', 'app/filters/escapeHTML');
|
||||
script('passman', 'app/filters/as');
|
||||
script('passman', 'app/filters/credentialsearch');
|
||||
script('passman', 'app/filters/toHHMMSS');
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue