safe destroy: htmlEncode confirmation message

to avoid interpreting HTML.

Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
Friedrich Weber 2025-03-31 11:20:22 +02:00 committed by Thomas Lamprecht
parent 86b2264d8b
commit 2611d905de


@ -189,13 +189,13 @@ Ext.define('Proxmox.window.SafeDestroy', {
let taskName = me.getTaskName(); let taskName = me.getTaskName();
if (Ext.isDefined(taskName)) { if (Ext.isDefined(taskName)) {
me.lookupReference('messageCmp').setHtml( me.lookupReference('messageCmp').setHtml(
Proxmox.Utils.format_task_description(taskName, itemId), Ext.htmlEncode(Proxmox.Utils.format_task_description(taskName, itemId)),
); );
} else { } else {
throw "no task name specified"; throw "no task name specified";
} }
me.lookupReference('confirmField') let label = `${gettext('Please enter the ID to confirm')} (${itemId})`;
.setFieldLabel(`${gettext('Please enter the ID to confirm')} (${itemId})`); me.lookupReference('confirmField').setFieldLabel(Ext.htmlEncode(label));
}, },
}); });
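Review bot: The two new `Ext.htmlEncode` calls have no comment explaining why the value is encoded at the sink, so a later refactor could drop them or add a second encode upstream. I would add `// itemId is not trusted markup: encode before setHtml/setFieldLabel render it as HTML` above the `setHtml` call. The hunk does not show whether `Proxmox.Utils.format_task_description` already escapes its arguments or returns intentional markup for some task types. If it does either, encoding its whole result would display entities or tags literally, so that helper is worth checking. The enclosing function starts above the hunk, so any other place in this window where `itemId` reaches an HTML-rendering setter cannot be checked from here.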