diff options
| author | Stephen Beaver <sbeaver@netgate.com> | 2016-01-19 08:18:08 -0500 |
|---|---|---|
| committer | Stephen Beaver <sbeaver@netgate.com> | 2016-01-19 08:18:51 -0500 |
| commit | 8a34b991c0e005889616718c32edc3b4e7c5aeac (patch) | |
| tree | d4f9b52b618656441b9e5a443e64ff33bcae6f40 /src/usr/local/www/firewall_rules.php | |
| parent | 94c28751a38ec30a5055f0a022014d4a91477215 (diff) | |
| download | pfsense-8a34b991c0e005889616718c32edc3b4e7c5aeac.zip pfsense-8a34b991c0e005889616718c32edc3b4e7c5aeac.tar.gz | |
Add Javascript htmlchars() equivalent to dynamically created inputs
Temporarily remove function that broke action icons
Diffstat (limited to 'src/usr/local/www/firewall_rules.php')
| -rw-r--r-- | src/usr/local/www/firewall_rules.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index f416353..6e57c92 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -761,7 +761,7 @@ events.push(function() { $("#btnnewsep").prop('type' ,'button'); $("#btnnewsep").click(function() { - var septext = $('#newsep').val(); + var septext = escapeHtml($('#newsep').val()); $('#ruletable > tbody:last >tr:last').remove(); $('#ruletable > tbody:last').append('<tr class="ui-sortable-handle">' + '<td bgcolor="#cce5ff" colspan="11">' + '<font color="#002699">' + septext + '</font></td>' + @@ -769,13 +769,25 @@ events.push(function() { '</tr>'); }); }); - +/* $(function(){ $('table').on('click','tr a',function(e){ e.preventDefault(); $(this).parents('tr').remove(); }); }); +*/ + function escapeHtml(text) { + var map = { + '&': '&', + '<': '<', + '>': '>', + '"': '"', + "'": ''' + }; + + return text.replace(/[&<>"']/g, function(m) { return map[m]; }); + } }); //]]> </script> |
