[tryton-commits] changeset in sao:default Sanitize translated RichtText fields co...

Cédric Krier Fri, 10 Jul 2020 01:07:34 -0700

changeset b5f7ef0fe692 in sao:default
details: https://hg.tryton.org/sao?cmd=changeset;node=b5f7ef0fe692
description:
        Sanitize translated RichtText fields content


        issue9453
        review305991002
diffstat:

 CHANGELOG        |  1 +
 src/view/form.js |  8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diffs (28 lines):

diff -r 8a9f4bbcbd4d -r b5f7ef0fe692 CHANGELOG
--- a/CHANGELOG Thu Jul 09 00:34:01 2020 +0200
+++ b/CHANGELOG Fri Jul 10 09:00:01 2020 +0200
@@ -1,3 +1,4 @@
+* Sanitize translated RichtText fields content (issue9453)
 * Allow configuration of default colors for graph and calendar
 * Sanitize RichtText fields content (issue9405)
 * Escape external string (issue9394)
diff -r 8a9f4bbcbd4d -r b5f7ef0fe692 src/view/form.js
--- a/src/view/form.js  Thu Jul 09 00:34:01 2020 +0200
+++ b/src/view/form.js  Fri Jul 10 09:00:01 2020 +0200
@@ -2342,12 +2342,12 @@
             el.find('div[contenteditable]').prop('contenteditable', !value);
         },
         translate_widget_set: function(el, value) {
-            el.find('div[contenteditable]').html(value);
+            el.find('div[contenteditable]').html(
+                Sao.HtmlSanitizer.sanitize(value || ''));
         },
         translate_widget_get: function(el) {
-            var input = el.find('div[contenteditable]');
-            this._normalize(input);
-            return input.html();
+            return this._normalize_markup(
+                el.find('div[contenteditable]').html());
         }
     });

[tryton-commits] changeset in sao:default Sanitize translated RichtText fields co...

Reply via email to