inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

- strip dangerous html for blog/discussions/comments

Browse Source 
- fix for wrong-working all-filter in forum

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@10520 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Michael Ru
2008-08-26 14:53:36 +00:00
parent 0cbea60cf6
commit 2dc4ddcef0
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blogpost.lib.ftl
View File

@@ -16,9 +16,9 @@
<#macro addContent item> <#macro addContent item>
<#escape x as jsonUtils.encodeJSONString(x)> <#escape x as jsonUtils.encodeJSONString(x)>
<#if (contentLength?? && contentLength > -1 && (item.node.content?length > contentLength))> <#if (contentLength?? && contentLength > -1 && (item.node.content?length > contentLength))>
"content" : "${item.node.content?substring(0, contentLength)}", "content" : "${stringUtils.stripUnsafeHTML(item.node.content?substring(0, contentLength))}",
<#else> <#else>
"content" : "${item.node.content}", "content" : "${stringUtils.stripUnsafeHTML(item.node.content)}",
</#if> </#if>
</#escape> </#escape>
</#macro> </#macro>

2
config/alfresco/templates/webscripts/org/alfresco/repository/blogs/posts/blog-posts.get.js
View File

@@ -72,7 +72,7 @@ function main()
} }
// selected tag // selected tag
var tag = args["tag"] != undefined && args["tag"].length > 0 ? args["tag"] : null; var tag = (args["tag"] != undefined && args["tag"].length > 0) ? args["tag"] : null;
// fetch and assign the data // fetch and assign the data
model.data = getBlogPostList(node, fromDate, toDate, tag, index, count); model.data = getBlogPostList(node, fromDate, toDate, tag, index, count);

2
config/alfresco/templates/webscripts/org/alfresco/repository/comments/comment.lib.ftl
View File

@@ -24,7 +24,7 @@
"nodeRef" : "${item.node.nodeRef}", "nodeRef" : "${item.node.nodeRef}",
"name" : "${item.node.properties.name!''}", "name" : "${item.node.properties.name!''}",
"title" : "${item.node.properties.title!''}", "title" : "${item.node.properties.title!''}",
"content" : "${item.node.content}", "content" : "${stringUtils.stripUnsafeHTML(item.node.content)}",
<#if item.author??> <#if item.author??>
<@renderPerson person=item.author fieldName="author" /> <@renderPerson person=item.author fieldName="author" />
<#else> <#else>

2
config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.js
View File

@@ -36,7 +36,7 @@ function main()
var count = args["pageSize"] != undefined ? parseInt(args["pageSize"]) : 10; var count = args["pageSize"] != undefined ? parseInt(args["pageSize"]) : 10;
// selected tag // selected tag
var tag = args["tag"] != undefined && args["tag"].length > 0 ? args["tag"] : null; var tag = (args["tag"] != undefined && args["tag"].length > 0) ? args["tag"] : null;
model.data = getTopicPostList(node, tag, index, count); model.data = getTopicPostList(node, tag, index, count);

4
config/alfresco/templates/webscripts/org/alfresco/repository/discussions/post.lib.ftl
View File

@@ -16,9 +16,9 @@
<#macro addContent post> <#macro addContent post>
<#escape x as jsonUtils.encodeJSONString(x)> <#escape x as jsonUtils.encodeJSONString(x)>
<#if (contentLength?? && contentLength > -1 && (post.content?length > contentLength))> <#if (contentLength?? && contentLength > -1 && (post.content?length > contentLength))>
"content" : "${post.content?substring(0, contentLength)}", "content" : "${stringUtils.stripUnsafeHTML(post.content?substring(0, contentLength))}",
<#else> <#else>
"content" : "${post.content}", "content" : "${stringUtils.stripUnsafeHTML(post.content)}",
</#if> </#if>
</#escape> </#escape>
</#macro> </#macro>