Final fix for escaping html special chars in tables

This commit is contained in:
Ozzie Isaacs 2021-08-28 15:47:57 +02:00
parent d4cfad6363
commit 1fa267ce1b
5 changed files with 7 additions and 5 deletions

File diff suppressed because one or more lines are too long

View File

@ -3,6 +3,7 @@
<th data-field="{{ parameter }}" id="{{ parameter }}" <th data-field="{{ parameter }}" id="{{ parameter }}"
{% if sort %}data-sortable="true" {% endif %} {% if sort %}data-sortable="true" {% endif %}
data-visible = "{{visiblility.get(parameter)}}" data-visible = "{{visiblility.get(parameter)}}"
data-escape="true"
{% if g.user.role_edit() %} {% if g.user.role_edit() %}
data-editable-type="text" data-editable-type="text"
data-editable-url="{{ url_for('editbook.edit_list_book', param=parameter)}}" data-editable-url="{{ url_for('editbook.edit_list_book', param=parameter)}}"

View File

@ -81,7 +81,7 @@
<table class="table table-no-bordered" id="domain-allow-table" data-url="{{url_for('admin.list_domain', allow=1)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline"> <table class="table table-no-bordered" id="domain-allow-table" data-url="{{url_for('admin.list_domain', allow=1)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
<thead> <thead>
<tr> <tr>
<th data-field="domain" id="domain-allow" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 1)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th> <th data-field="domain" id="domain-allow" data-escape="true" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 1)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
<th data-field="id" id="id-allow" data-visible="false"></th> <th data-field="id" id="id-allow" data-visible="false"></th>
<th data-align="right" data-formatter="TableActions"></th> <th data-align="right" data-formatter="TableActions"></th>
</tr> </tr>
@ -91,7 +91,7 @@
<table class="table table-no-bordered" id="domain-deny-table" data-url="{{url_for('admin.list_domain', allow=0)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline"> <table class="table table-no-bordered" id="domain-deny-table" data-url="{{url_for('admin.list_domain', allow=0)}}" data-id-field="id" data-show-header="false" data-editable-mode="inline">
<thead> <thead>
<tr> <tr>
<th data-field="domain" id="domain-deny" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 0)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th> <th data-field="domain" id="domain-deny" data-escape="true" data-editable-type="text" data-editable-url="{{ url_for('admin.edit_domain', allow = 0)}}" data-editable="true" data-editable-title="{{_('Enter domainname')}}"></th>
<th data-field="id" id="id-deny" data-visible="false"></th> <th data-field="id" id="id-deny" data-visible="false"></th>
<th data-align="right" data-formatter="TableActions"></th> <th data-align="right" data-formatter="TableActions"></th>
</tr> </tr>

View File

@ -12,7 +12,7 @@
<table class="table table-no-bordered" id="restrict-elements-table" data-id-field="id" data-show-header="false" data-editable-mode="inline"> <table class="table table-no-bordered" id="restrict-elements-table" data-id-field="id" data-show-header="false" data-editable-mode="inline">
<thead> <thead>
<tr> <tr>
<th data-field="Element" id="Element" data-editable-type="text" data-editable="true" data-editable-title="{{_('Enter Tag')}}"></th> <th data-field="Element" id="Element" data-escape="true" data-editable-type="text" data-editable="true" data-editable-title="{{_('Enter Tag')}}"></th>
<th data-field="type" id="type" data-visible="true"></th> <th data-field="type" id="type" data-visible="true"></th>
<th data-field="id" id="id" data-visible="false"></th> <th data-field="id" id="id" data-visible="false"></th>
<th data-align="right" data-formatter="RestrictionActions"></th> <th data-align="right" data-formatter="RestrictionActions"></th>

View File

@ -2,6 +2,7 @@
{% macro user_table_row(parameter, edit_text, show_text, validate, elements=False) -%} {% macro user_table_row(parameter, edit_text, show_text, validate, elements=False) -%}
<th data-field="{{ parameter }}" id="{{ parameter }}" <th data-field="{{ parameter }}" id="{{ parameter }}"
data-name="{{ parameter }}" data-name="{{ parameter }}"
data-escape="true"
data-visible="{{visiblility.get(parameter)}}" data-visible="{{visiblility.get(parameter)}}"
data-editable-type="text" data-editable-type="text"
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}" data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"
@ -68,7 +69,7 @@
<th data-field="{{ parameter }}" id="{{ parameter }}" <th data-field="{{ parameter }}" id="{{ parameter }}"
data-name="{{ parameter }}" data-name="{{ parameter }}"
data-visible="{{visiblility.get(parameter)}}" data-visible="{{visiblility.get(parameter)}}"
data-editable-type="select" data-escape="true"
data-edit="true" data-edit="true"
data-sortable="true" data-sortable="true"
data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}" data-editable-url="{{ url_for('admin.edit_list_user', param=parameter)}}"