Shahar Havivi has submitted this change and it was merged. Change subject: ui: remove Escape characters for TextBoxLabel ......................................................................
ui: remove Escape characters for TextBoxLabel The reason that we use: SafeHtmlUtils.htmlEscape(renderedText); is to prevent javascript code injection such as <script> etc. Its looks like the control is already safe rendering (tested with <script>, <b> and <h1>). without removing this line its render <>,. as theyer escaped value. Change-Id: I2e303decb9395fcf193e874b4ae55ab076ec0bba Bug-Url: https://bugzilla.redhat.com/1113499 Signed-off-by: Shahar Havivi <[email protected]> --- M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/widget/label/TextBoxLabel.java 1 file changed, 2 insertions(+), 11 deletions(-) Approvals: Tomas Jelinek: Looks good to me, approved Shahar Havivi: Verified; Looks good to me, approved Vojtech Szocs: Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/29292 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I2e303decb9395fcf193e874b4ae55ab076ec0bba Gerrit-PatchSet: 4 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Shahar Havivi <[email protected]> Gerrit-Reviewer: Alexander Wels <[email protected]> Gerrit-Reviewer: Omer Frenkel <[email protected]> Gerrit-Reviewer: Shahar Havivi <[email protected]> Gerrit-Reviewer: Tomas Jelinek <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
