deblan/side_menu
deblan/side_menu
3
6
Fork 5
Code Issues 6 Pull requests 11 Projects Releases 119 Wiki Activity

(cq) replace v-html with v-text to prevent xss

Browse source
This commit is contained in:
Simon Vieille 2022-08-21 16:12:52 +02:00
parent f058ec10d3
commit d837f1acf5
Signed by: deblan
GPG key ID: 579388D585F70417
5 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/AdminCategoriesCustom.vue
View file

@ -18,7 +18,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<div>
<ul class="side-menu-setting-list">
<li v-for="item in values" class="side-menu-setting-list-item" v-on:click="showEditForm(item)">
<span v-html="item.en"></span>
<span v-text="item.en"></span>
</li>
</ul>
@ -29,7 +29,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<Modal v-if="addForm" @close="hideAddForm">
<div class="modal__content">
<div v-for="lang in langs">
<span class="lang" v-html="lang"></span>
<span class="lang" v-text="lang"></span>
<input type="text" v-model="newValue[lang]" required>
</div>
@ -42,7 +42,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<Modal v-if="editForm" @close="hideEditForm">
<div class="modal__content">
<div v-for="lang in langs">
<span class="lang" v-html="lang"></span>
<span class="lang" v-text="lang"></span>
<input type="text" v-model="editValue[lang]" required>
</div>

4
src/SideMenuApp.vue
View file

@ -17,8 +17,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<template>
<li v-bind:class="classes">
<a v-bind:href="href" :target="target" v-bind:title="label">
<span class="side-menu-app-icon" v-html="icon"></span>
<span class="side-menu-app-text" v-html="label"></span>
<span class="side-menu-app-icon" v-text="icon"></span>
<span class="side-menu-app-text" v-text="label"></span>
</a>
</li>
</template>

2
src/SideMenuBig.vue
View file

@ -34,7 +34,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<Loader v-if="!items.length" />
<div class="side-menu-category" v-for="category in items">
<h2 class="side-menu-category-title" v-if="category.name != ''" v-html="category.name"></h2>
<h2 class="side-menu-category-title" v-if="category.name != ''" v-text="category.name"></h2>
<ul class="side-menu-apps-list">
<SideMenuBigApp

2
src/SideMenuBigApp.vue
View file

@ -18,7 +18,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<li v-bind:class="classes">
<a v-bind:href="href" :target="target" v-bind:title="label">
<img class="side-menu-app-icon" v-bind:src="icon" v-bind:alt="label" />
<span class="side-menu-app-text" v-html="label"></span>
<span class="side-menu-app-text" v-text="label"></span>
</a>
</li>
</template>

2
src/SideMenuWithCategories.vue
View file

@ -32,7 +32,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
<Loader v-if="!items.length" />
<div class="side-menu-category" v-for="category in items">
<h2 class="side-menu-category-title" v-if="category.name != ''" v-html="category.name"></h2>
<h2 class="side-menu-category-title" v-if="category.name != ''" v-text="category.name"></h2>
<ul class="side-menu-apps-list">
<SideMenuBigApp