[new console] Name Bindings value not properly HTML encoded

RestComm / jain-slee

The World's #1 Open Source JAIN-SLEE (JSLEE) 1.1 Implementation

http://www.restcomm.com/

GNU Affero General Public License v3.0

24 stars 50 forks source link

[new console] Name Bindings value not properly HTML encoded #73

Closed SergeyLee closed 7 years ago

SergeyLee commented 8 years ago

Our application uses uses the characters "<" and ">" when binding certain ACIs. The value of "Name Bindings" (under "Activites") in the GUI does not support encoding of these characters and the name is wrong.

Example: A binding named "Foo" is presented as "Foo" (unless you inspect the HTML).

SergeyLee commented 7 years ago

I added function:

function htmlEncode(value){
    return $('<div/>').text(value).html();
}

and fixed here

https://github.com/RestComm/jain-slee/blob/2.x/tools/slee-console-new/src/main/webapp/modules/activities.html#L128

Name Bindings value as

'<dt>Name Bindings</dt> <dd>' + (this[NAMES_BOUND_TO] && this[NAMES_BOUND_TO].length > 0 ? htmlEncode(this[NAMES_BOUND_TO]) : '-') + '</dd>' +