diff options
author | Jo-Philipp Wich <jo@mein.io> | 2019-09-18 13:51:16 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2019-09-18 13:51:16 +0200 |
commit | 934fa275b23f93ca6fe4eac5db6a6a6ee3f9581c (patch) | |
tree | 535c230d2bd6d29bedc7dc32cd37362ab0ecd264 /modules/luci-base/htdocs/luci-static/resources | |
parent | 982b08f45d400f63cab38daf6a99b5b690794d24 (diff) |
luci-base: ensure that button labels are properly html escaped
Fixes: #3067
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'modules/luci-base/htdocs/luci-static/resources')
-rw-r--r-- | modules/luci-base/htdocs/luci-static/resources/form.js | 24 | ||||
-rw-r--r-- | modules/luci-base/htdocs/luci-static/resources/luci.js | 6 | ||||
-rw-r--r-- | modules/luci-base/htdocs/luci-static/resources/ui.js | 62 |
3 files changed, 38 insertions, 54 deletions
diff --git a/modules/luci-base/htdocs/luci-static/resources/form.js b/modules/luci-base/htdocs/luci-static/resources/form.js index 0630ceec86..7dc63ceb5a 100644 --- a/modules/luci-base/htdocs/luci-static/resources/form.js +++ b/modules/luci-base/htdocs/luci-static/resources/form.js @@ -863,7 +863,7 @@ var CBITypedSection = CBIAbstractSection.extend({ 'class': 'cbi-button cbi-button-add', 'title': btn_title || _('Add'), 'click': L.ui.createHandlerFn(this, 'handleAdd') - }, btn_title || _('Add'))); + }, [ btn_title || _('Add') ])); } else { var nameEl = E('input', { @@ -925,7 +925,7 @@ var CBITypedSection = CBIAbstractSection.extend({ 'name': 'cbi.rts.%s.%s'.format(config_name, cfgsections[i]), 'data-section-id': cfgsections[i], 'click': L.ui.createHandlerFn(this, 'handleRemove', cfgsections[i]) - }, _('Delete')))); + }, [ _('Delete') ]))); } if (!this.anonymous) @@ -1146,25 +1146,21 @@ var CBITableSection = CBITypedSection.extend({ }, this, section_id); L.dom.append(tdEl.lastElementChild, - E('input', { - 'type': 'button', - 'value': _('Edit'), + E('button', { 'title': _('Edit'), 'class': 'cbi-button cbi-button-edit', 'click': evFn - }) + }, [ _('Edit') ]) ); } if (more_label) { L.dom.append(tdEl.lastElementChild, - E('input', { - 'type': 'button', - 'value': more_label, + E('button', { 'title': more_label, 'class': 'cbi-button cbi-button-edit', 'click': L.ui.createHandlerFn(this, 'renderMoreOptionsModal', section_id) - }) + }, [ more_label ]) ); } @@ -1338,11 +1334,11 @@ var CBITableSection = CBITypedSection.extend({ E('button', { 'class': 'btn', 'click': L.ui.createHandlerFn(this, 'handleModalCancel', m) - }, _('Dismiss')), ' ', + }, [ _('Dismiss') ]), ' ', E('button', { 'class': 'cbi-button cbi-button-positive important', 'click': L.ui.createHandlerFn(this, 'handleModalSave', m) - }, _('Save')) + }, [ _('Save') ]) ]) ], 'cbi-modal'); }, this)).catch(L.error); @@ -1487,7 +1483,7 @@ var CBINamedSection = CBIAbstractSection.extend({ E('button', { 'class': 'cbi-button', 'click': L.ui.createHandlerFn(this, 'handleRemove') - }, _('Delete')))); + }, [ _('Delete') ]))); } sectionEl.appendChild(E('div', { @@ -1502,7 +1498,7 @@ var CBINamedSection = CBIAbstractSection.extend({ E('button', { 'class': 'cbi-button cbi-button-add', 'click': L.ui.createHandlerFn(this, 'handleAdd') - }, _('Add'))); + }, [ _('Add') ])); } L.dom.bindClassInstance(sectionEl, this); diff --git a/modules/luci-base/htdocs/luci-static/resources/luci.js b/modules/luci-base/htdocs/luci-static/resources/luci.js index 0b7ec6ea86..af2b179ce3 100644 --- a/modules/luci-base/htdocs/luci-static/resources/luci.js +++ b/modules/luci-base/htdocs/luci-static/resources/luci.js @@ -1344,15 +1344,15 @@ this.handleSaveApply ? E('button', { 'class': 'cbi-button cbi-button-apply', 'click': L.ui.createHandlerFn(this, 'handleSaveApply') - }, _('Save & Apply')) : '', ' ', + }, [ _('Save & Apply') ]) : '', ' ', this.handleSave ? E('button', { 'class': 'cbi-button cbi-button-save', 'click': L.ui.createHandlerFn(this, 'handleSave') - }, _('Save')) : '', ' ', + }, [ _('Save') ]) : '', ' ', this.handleReset ? E('button', { 'class': 'cbi-button cbi-button-reset', 'click': L.ui.createHandlerFn(this, 'handleReset') - }, _('Reset')) : '' + }, [ _('Reset') ]) : '' ])); } diff --git a/modules/luci-base/htdocs/luci-static/resources/ui.js b/modules/luci-base/htdocs/luci-static/resources/ui.js index fed5dafa33..c0b57528fb 100644 --- a/modules/luci-base/htdocs/luci-static/resources/ui.js +++ b/modules/luci-base/htdocs/luci-static/resources/ui.js @@ -1508,7 +1508,7 @@ var UIFileUpload = UIElement.extend({ else if (this.value != null) label = [ this.iconForType('file'), ' %s (%s)'.format(this.truncatePath(this.value), _('File not accessible')) ]; else - label = _('Select file…'); + label = [ _('Select file…') ]; return this.bind(E('div', { 'id': this.options.id }, [ E('button', { @@ -1689,13 +1689,13 @@ var UIFileUpload = UIElement.extend({ ev.preventDefault(); ev.target.previousElementSibling.click(); } - }, _('Browse…')), + }, [ _('Browse…') ]), E('div', {}, E('input', { 'type': 'text', 'placeholder': _('Filename') })), E('button', { 'class': 'btn cbi-button-save', 'click': L.ui.createHandlerFn(this, 'handleUpload', path, list), 'disabled': true - }, _('Upload file')) + }, [ _('Upload file') ]) ]) ]); }, @@ -1746,11 +1746,11 @@ var UIFileUpload = UIElement.extend({ selected ? E('button', { 'class': 'btn', 'click': L.ui.createHandlerFn(this, 'handleReset') - }, _('Deselect')) : '', + }, [ _('Deselect') ]) : '', this.options.enable_remove ? E('button', { 'class': 'btn cbi-button-negative', 'click': L.ui.createHandlerFn(this, 'handleDelete', entrypath, list[i]) - }, _('Delete')) : '' + }, [ _('Delete') ]) : '' ]) ])); } @@ -1979,7 +1979,7 @@ return L.Class.extend({ } }, [ E('div', { 'style': 'flex:10' }), - E('div', { 'style': 'flex:1; display:flex' }, [ + E('div', { 'style': 'flex:1 1 auto; display:flex' }, [ E('button', { 'class': 'btn', 'style': 'margin-left:auto; margin-top:auto', @@ -1987,7 +1987,7 @@ return L.Class.extend({ L.dom.parent(ev.target, '.alert-message').classList.add('fade-out'); }, - }, _('Dismiss')) + }, [ _('Dismiss') ]) ]) ]); @@ -2303,24 +2303,18 @@ return L.Class.extend({ E('var', {}, E('del', ' ')), ' ', _('Option removed') ])]), E('br'), list, E('div', { 'class': 'right' }, [ - E('input', { - 'type': 'button', + E('button', { 'class': 'btn', - 'click': L.ui.hideModal, - 'value': _('Dismiss') - }), ' ', - E('input', { - 'type': 'button', + 'click': L.ui.hideModal + }, [ _('Dismiss') ]), ' ', + E('button', { 'class': 'cbi-button cbi-button-positive important', - 'click': L.bind(this.apply, this, true), - 'value': _('Save & Apply') - }), ' ', - E('input', { - 'type': 'button', + 'click': L.bind(this.apply, this, true) + }, [ _('Save & Apply') ]), ' ', + E('button', { 'class': 'cbi-button cbi-button-reset', - 'click': L.bind(this.revert, this), - 'value': _('Revert') - })])]) + 'click': L.bind(this.revert, this) + }, [ _('Revert') ])])]) ]); for (var config in this.changes) { @@ -2396,24 +2390,18 @@ return L.Class.extend({ E('h4', _('Configuration has been rolled back!')), E('p', _('The device could not be reached within %d seconds after applying the pending changes, which caused the configuration to be rolled back for safety reasons. If you believe that the configuration changes are correct nonetheless, perform an unchecked configuration apply. Alternatively, you can dismiss this warning and edit changes before attempting to apply again, or revert all pending changes to keep the currently working configuration state.').format(L.env.apply_rollback)), E('div', { 'class': 'right' }, [ - E('input', { - 'type': 'button', + E('button', { 'class': 'btn', - 'click': L.bind(L.ui.changes.displayStatus, L.ui.changes, false), - 'value': _('Dismiss') - }), ' ', - E('input', { - 'type': 'button', + 'click': L.bind(L.ui.changes.displayStatus, L.ui.changes, false) + }, [ _('Dismiss') ]), ' ', + E('button', { 'class': 'btn cbi-button-action important', - 'click': L.bind(L.ui.changes.revert, L.ui.changes), - 'value': _('Revert changes') - }), ' ', - E('input', { - 'type': 'button', + 'click': L.bind(L.ui.changes.revert, L.ui.changes) + }, [ _('Revert changes') ]), ' ', + E('button', { 'class': 'btn cbi-button-negative important', - 'click': L.bind(L.ui.changes.apply, L.ui.changes, false), - 'value': _('Apply unchecked') - }) + 'click': L.bind(L.ui.changes.apply, L.ui.changes, false) + }, [ _('Apply unchecked') ]) ]) ]); |