frodovdr/node-red
1
0
Fork 0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00
Code Issues Releases Wiki Activity

Escape all user input

Browse Source
This commit is contained in:
bartbutenaers 2021-02-23 00:00:23 +01:00 committed by GitHub
parent 0fef2ab509
commit 02d1369d5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
packages/node_modules/@node-red/editor-client/src/js/ui/common/editableList.js vendored
View File

@ -94,19 +94,7 @@
}
buttons.forEach(function(button) {
var text = "";
var titleAttribute="";
if (button.icon) {
text = '<i class="'+button.icon+'"></i> ';
}
if (button.label) {
text += button.label;
}
if (button.title) {
titleAttribute = 'title="'+button.title+'"';
}
$('<a href="#" class="red-ui-button red-ui-button-small red-ui-editableList-addButton" style="margin-top: 4px; margin-right: 5px;" '+titleAttribute+'></a>')
.text(text)
var element = $('<a href="#" class="red-ui-button red-ui-button-small red-ui-editableList-addButton" style="margin-top: 4px; margin-right: 5px;"></a>')
.appendTo(that.topContainer)
.on("click", function(evt) {
evt.preventDefault();
@ -114,6 +102,16 @@
button.click(evt);
}
});
if (button.title) {
element.attr("title", button.title);
}
if (button.icon) {
element.append($("<i></i>").attr("class", button.icon));
}
if (button.label) {
element.append($("<span></span>").text(" " + button.label));
}
});
if (this.element.css("position") === "absolute") {