Skip to content

Commit

Permalink
Merge pull request apache#1000 from afs/webapp
Browse files Browse the repository at this point in the history 
Escape HTML chars
  • Loading branch information
@afs
afs authored May 10, 2021
2 parents 79e1343 + 7cefe42 commit 0a9b1cf
Show file tree
Hide file tree
Showing 7 changed files with 18 additions and 18 deletions.
4 changes: 2 additions & 2 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-edit.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@
<ul class="nav nav-pills nav-stacked graphs">
<% _.each( counts(), function( n, g ) { %>
<li class="">
<a href="#" class="select-dataset" data-graph-name="<%= g %>" data-graph-size="<%= n %>">
<%= g %> (<%= n %> triples)
<a href="#" class="select-dataset" data-graph-name="<%- g %>" data-graph-size="<%= n %>">
<%- g %> (<%= n %> triples)
</a>
</li>
<% } ); %>
Expand Down
6 changes: 3 additions & 3 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-info.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
<dl class="dl-horizontal">
<% _.each( servicesDescription(), function( serviceDescription ) { %>
<dt>
<%= serviceDescription.label %>:
<%- serviceDescription.label %>:
</dt>
<dd>
<a href="<%= serviceDescription.url %>"><%= serviceDescription.url %></a>
<a href="<%- serviceDescription.url %>"><%- serviceDescription.url %></a>
</dd>
<% } ); %>
</dl>
Expand All @@ -24,7 +24,7 @@
<dt><span class="heading">graph name:</span></dt><dd><span class="heading">triples:</span></dd>
<% _.each( counts(), function( n, g ) { %>
<dt class="font-weight-normal">
<%= g %>
<%- g %>
</dt>
<dd>
<div class="numeric"><%= n %></div>
Expand Down
8 changes: 4 additions & 4 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-management.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
<% _.each( datasets, function( ds ) { %>
<tr>
<td>
<%= ds.name() %>
<%- ds.name() %>
</td>
<!-- JENA-867 temporarily disable non-functional checkbox
<td>
Expand All @@ -24,9 +24,9 @@
<td>
<div>
<!-- JENA-869 Disable download button until it works again -->
<a class="btn btn-sm action remove btn-primary" data-ds-id='<%= ds.name() %>'><i class='fa fa-times-circle'></i> remove</a>
<a class="btn btn-sm action backup btn-primary" data-ds-id='<%= ds.name() %>'><i class='fa fa-download'></i> backup</a>
<a class="btn btn-sm action add-data btn-primary" href="dataset.html?tab=upload&ds=<%= ds.name() %>"><i class='fa fa-upload'></i> upload data</a>
<a class="btn btn-sm action remove btn-primary" data-ds-id='<%- ds.name() %>'><i class='fa fa-times-circle'></i> remove</a>
<a class="btn btn-sm action backup btn-primary" data-ds-id='<%- ds.name() %>'><i class='fa fa-download'></i> backup</a>
<a class="btn btn-sm action add-data btn-primary" href="dataset.html?tab=upload&ds=<%- ds.name() %>"><i class='fa fa-upload'></i> upload data</a>
</div>
<div class="action feedback"></a>
</td>
Expand Down
8 changes: 4 additions & 4 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-selection-list.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,12 @@
<% _.each( datasets, function( ds ) { %>
<tr>
<td>
<%= ds.name() %>
<%- ds.name() %>
</td>
<td>
<a class="btn btn-sm action remove btn-primary" href="dataset.html?tab=query&ds=<%= ds.name() %>"><i class='fa fa-question-circle'></i> query</a>
<a class="btn btn-sm action remove btn-primary" href="dataset.html?tab=upload&ds=<%= ds.name() %>"><i class='fa fa-upload'></i> add data</a>
<a class="btn btn-sm action configure btn-primary" href="dataset.html?tab=info&ds=<%= ds.name() %>"><i class='fa fa-dashboard'></i> info</a>
<a class="btn btn-sm action remove btn-primary" href="dataset.html?tab=query&ds=<%- ds.name() %>"><i class='fa fa-question-circle'></i> query</a>
<a class="btn btn-sm action remove btn-primary" href="dataset.html?tab=upload&ds=<%- ds.name() %>"><i class='fa fa-upload'></i> add data</a>
<a class="btn btn-sm action configure btn-primary" href="dataset.html?tab=info&ds=<%- ds.name() %>"><i class='fa fa-dashboard'></i> info</a>
</td>
</tr>
<% }) %>
Expand Down
4 changes: 2 additions & 2 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-selector.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
<div class="select-picker-label">Dataset:</div>
<select class='selectpicker show-tick'>
<% _.each( datasets, function( ds ) { %>
<option <%= (ds.name() === selectedDatasetName) ? "selected" : "" %>>
<%= ds.name() %>
<option <%- (ds.name() === selectedDatasetName) ? "selected" : "" %>>
<%- ds.name() %>
</option>
<% } ); %>
</select>
Expand Down
4 changes: 2 additions & 2 deletions jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/dataset-stats.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
<table class="table">
<tr>
<% _.each( headings, function( h ) { %>
<th class="text-right"><%= h %></th>
<th class="text-right"><%- h %></th>
<% } ); %>
</tr>
<% _.each( rows, function( row ) { %>
<tr>
<% _.each( row, function( cell ) { %>
<td class="text-right"><%= cell %></td>
<td class="text-right"><%- cell %></td>
<% } ); %>
</tr>
<% } ) %>
Expand Down
2 changes: 1 addition & 1 deletion jena-fuseki2/jena-fuseki-webapp/src/main/webapp/js/app/templates/uploadable-file.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<div class="row file-description">
<div class="col-sm-3">
<%= file.name %>
<%- file.name %>
</div>
<div class="col-sm-3">
<em>
Expand Down

0 comments on commit 0a9b1cf

Please sign in to comment.