From 7ab6a24876a848b1f6d8e81281786369c39ba15c Mon Sep 17 00:00:00 2001
From: Jessica Wang
Date: Mon, 4 Oct 2010 14:56:14 -0700
Subject: [PATCH] decode text before it displays on UI.
---
 ui/new/scripts/cloud.core2.init.js | 12 ++++-----
 ui/new/scripts/cloud.core2.instance.js | 2 +-
 ui/new/scripts/cloud.core2.iso.js | 2 +-
 ui/new/scripts/cloud.core2.js | 18 ++++++-------
 ui/new/scripts/cloud.core2.template.js | 8 +++---
 ui/new/scripts/cloud.core2.volume.js | 4 +--
 ui/scripts/cloud.core.configuration.js | 8 +++---
 ui/scripts/cloud.core.instances.js | 36 +++++++++++++-------------
 ui/scripts/cloud.core.js | 18 ++++++-------
 ui/scripts/cloud.core.storage.js | 20 +++++++-------
 10 files changed, 64 insertions(+), 64 deletions(-)
diff --git a/ui/new/scripts/cloud.core2.init.js b/ui/new/scripts/cloud.core2.init.js
index 9e75c6d385a..81400b1dc3a 100644
--- a/ui/new/scripts/cloud.core2.init.js
+++ b/ui/new/scripts/cloud.core2.init.js
@@ -498,7 +498,7 @@ $(document).ready(function() {
 var zoneSelect = $("#capacity_zone_select").empty();
 if (zones != null && zones.length > 0) {
 for (var i = 0; i < zones.length; i++) {
- zoneSelect.append("");
+ zoneSelect.append("");
 if(noPods) {
 $.ajax({
 data: createURL("command=listPods&zoneId="+zones[i].id+"&response=json"),
@@ -683,7 +683,7 @@ $(document).ready(function() {
 if (pods != null && pods.length > 0) {
 podSelect.append("");
 for (var i = 0; i < pods.length; i++) {
- podSelect.append("");
+ podSelect.append("");
 }
 }
 $("#capacity_pod_select").change();
@@ -704,7 +704,7 @@ $(document).ready(function() {
 for (var i = 0; i < length; i++) {
 var errorTemplate = $("#recent_error_template").clone(true);
 errorTemplate.find("#db_error_type").text(toAlertType(alerts[i].type));
- errorTemplate.find("#db_error_msg").append(sanitizeXSS(alerts[i].description));
+ errorTemplate.find("#db_error_msg").append(fromdb(alerts[i].description));
 setDateField(alerts[i].sent, errorTemplate.find("#db_error_date"));
 alertGrid.append(errorTemplate.show());
 }
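Review bot: `errorTemplate.find("#db_error_msg").append(fromdb(alerts[i].description))` in the `@@ -704` hunk hands a server-supplied string to jQuery `.append()`, which parses a string argument as HTML, and the one visible escaping call (`sanitizeXSS`) is exactly what this line drops. `fromdb` is not defined anywhere in this patch, so the sink stays safe only if `fromdb` itself HTML-escapes after decoding; that should be confirmed and stated in a comment on `fromdb`, or the sink should stop depending on it by using `.text(...)` as the events loops in this file do. The same pattern appears in `.append("Host - " + fromdb(alerts[i].name) + " has been detected in Alert state.")` in the `@@ -724` hunk and in `$("#dialog_error").html(... fromdb(errorMsg) ...)` in `handleError` in ui/scripts/cloud.core.js. The loop body shown here starts and ends inside a function that lies outside the hunk.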
@@ -724,7 +724,7 @@ $(document).ready(function() {
 for (var i = 0; i < length; i++) {
 var errorTemplate = $("#recent_error_template").clone(true);
 errorTemplate.find("#db_error_type").text("Host - Alert State");
- errorTemplate.find("#db_error_msg").append("Host - " + sanitizeXSS(alerts[i].name) + " has been detected in Alert state.");
+ errorTemplate.find("#db_error_msg").append("Host - " + fromdb(alerts[i].name) + " has been detected in Alert state.");
 setDateField(alerts[i].disconnected, errorTemplate.find("#db_error_date"));
 alertGrid.append(errorTemplate.show());
 }
@@ -802,7 +802,7 @@ $(document).ready(function() {
 for (var i = 0; i < length; i++) {
 var errorTemplate = $("#recent_error_template").clone(true);
 errorTemplate.find("#db_error_type").text(events[i].type);
- errorTemplate.find("#db_error_msg").text(sanitizeXSS(events[i].description));
+ errorTemplate.find("#db_error_msg").text(fromdb(events[i].description));
 setDateField(events[i].created, errorTemplate.find("#db_error_date"));
 errorGrid.append(errorTemplate.show());
 }
@@ -862,7 +862,7 @@ $(document).ready(function() {
 for (var i = 0; i < length; i++) {
 var errorTemplate = $("#recent_error_template").clone(true);
 errorTemplate.find("#db_error_type").text(events[i].type);
- errorTemplate.find("#db_error_msg").text(sanitizeXSS(events[i].description));
+ errorTemplate.find("#db_error_msg").text(fromdb(events[i].description));
 setDateField(events[i].created, errorTemplate.find("#db_error_date"));
 errorGrid.append(errorTemplate.show());
 }
diff --git a/ui/new/scripts/cloud.core2.instance.js b/ui/new/scripts/cloud.core2.instance.js
index bd96d3e61e8..85132bb1f23 100644
--- a/ui/new/scripts/cloud.core2.instance.js
+++ b/ui/new/scripts/cloud.core2.instance.js
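Review bot: `errorTemplate.find("#db_error_msg").text(fromdb(events[i].description))` in the `@@ -802` hunk (and again at `@@ -862`) feeds `fromdb` into `.text()`, which inserts its argument as literal text and needs no HTML escaping, while other hunks of this patch concatenate the same helper into `.append()` and `.html()` strings, where escaping is required. `fromdb` is not defined in the patch, so one of the two uses is likely wrong: if it entity-escapes, these `.text()` cells would show the entities literally; if it only decodes, the HTML sinks are left unescaped. A short comment on `fromdb` stating whether its return value is HTML-escaped, and which jQuery setters it is meant for, would make each call site checkable. The same question applies to the `.text(fromdb(...))` rows added in cloud.core.configuration.js, cloud.core.instances.js and cloud.core.storage.js.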
@@ -167,7 +167,7 @@ function clickInstanceGroupHeader($arrowIcon) {
 for (var i = 0; i < offerings.length; i++) {
 var $t = $existingDiskOfferingTemplate.clone();
 $t.find("input:radio").attr("name","data_disk_offering_radio").val(offerings[i].id).removeAttr("checked");
- $t.find("#name").text(fromdb(noNull(offerings[i].name)));
+ $t.find("#name").text(fromdb(offerings[i].name));
 $t.find("#description").text(fromdb(offerings[i].displaytext));
 $dataDiskOfferingContainer.append($t.show());
 }
diff --git a/ui/new/scripts/cloud.core2.iso.js b/ui/new/scripts/cloud.core2.iso.js
index 492cb53ca72..c3ad2467737 100644
--- a/ui/new/scripts/cloud.core2.iso.js
+++ b/ui/new/scripts/cloud.core2.iso.js
@@ -360,7 +360,7 @@ function populateZoneFieldExcludeSourceZone(zoneField, excludeZoneId) {
 if (g_zoneIds != null && g_zoneIds.length > 0) {
 for (var i = 0; i < g_zoneIds.length; i++) {
 if(g_zoneIds[i] != excludeZoneId)
- zoneField.append("");
+ zoneField.append("");
 }
 }
 }
diff --git a/ui/new/scripts/cloud.core2.js b/ui/new/scripts/cloud.core2.js
index 2d77a9480b7..5623e8b5008 100644
--- a/ui/new/scripts/cloud.core2.js
+++ b/ui/new/scripts/cloud.core2.js
@@ -284,7 +284,7 @@ function doActionForMidMenu(id, $actionLink, apiCommand, listAPIMap) {
 } else if (result.jobstatus == 2) { // Failed
 $midmenuItem.find("#info_icon").addClass("error").show();
- $midmenuItem.data("afterActionInfo", (label + " action failed. Reason: " + sanitizeXSS(result.jobresult)));
+ $midmenuItem.data("afterActionInfo", (label + " action failed. Reason: " + fromdb(result.jobresult)));
 }
 }
 },
@@ -1136,7 +1136,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 zoneSelect.append("");
 if (zones != null && zones.length > 0) {
 for (var i = 0; i < zones.length; i++) {
- zoneSelect.append("");
+ zoneSelect.append("");
 }
 }
 }
@@ -1163,7 +1163,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 podSelect.empty();
 if (pods != null && pods.length > 0) {
 for (var i = 0; i < pods.length; i++) {
- podSelect.append("");
+ podSelect.append("");
 }
 }
 }
@@ -1186,7 +1186,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 var domains = json.listdomainsresponse.domain;
 if (domains != null && domains.length > 0) {
 for (var i = 0; i < domains.length; i++) {
- domainSelect.append("");
+ domainSelect.append("");
 }
 }
 }
@@ -1204,7 +1204,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 var items = json.listvirtualmachinesresponse.virtualmachine;
 if (items != null && items.length > 0) {
 for (var i = 0; i < items.length; i++) {
- vmSelect.append("");
+ vmSelect.append("");
 }
 }
 }
@@ -1395,7 +1395,7 @@ function noNull(val) {
 }
 // Prevent cross-site-script(XSS) attack.
-// used right before adding user input to the DOM tree. e.g. DOM_element.html(sanitizeXSS(user_input));
+// used right before adding user input to the DOM tree. e.g. DOM_element.html(fromdb(user_input));
 function sanitizeXSS(val) {
 if(val == null || typeof(val) != "string")
 return val;
@@ -1406,16 +1406,16 @@ function sanitizeXSS(val) {
 function getVmName(p_vmName, p_vmDisplayname) {
 if(p_vmDisplayname == null)
- return sanitizeXSS(unescape(p_vmName));
+ return fromdb(p_vmName);
 var vmName = null;
 if (isAdmin()) {
 if (p_vmDisplayname != p_vmName) {
- vmName = p_vmName + "(" + sanitizeXSS(unescape(p_vmDisplayname)) + ")";
+ vmName = p_vmName + "(" + fromdb(p_vmDisplayname) + ")";
 } else {
 vmName = p_vmName;
 }
 } else {
- vmName = sanitizeXSS(unescape(p_vmDisplayname));
+ vmName = fromdb(p_vmDisplayname);
 }
 return vmName;
 }
diff --git a/ui/new/scripts/cloud.core2.template.js b/ui/new/scripts/cloud.core2.template.js
index 1a6ead76c46..e19863059e1 100644
--- a/ui/new/scripts/cloud.core2.template.js
+++ b/ui/new/scripts/cloud.core2.template.js
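Review bot: The comment directly above `function sanitizeXSS(val)` in the `@@ -1395` hunk now gives `DOM_element.html(fromdb(user_input))` as its usage example, so it documents a different function from the one it heads; this looks like a side effect of a bulk rename. Keep the original line on `sanitizeXSS`, `// used right before adding user input to the DOM tree. e.g. DOM_element.html(sanitizeXSS(user_input));`, and give `fromdb` its own comment saying what it decodes and whether its result may be passed to `.html()`. The identical edit is in the `@@ -632` hunk of ui/scripts/cloud.core.js. The body of `sanitizeXSS` continues outside the hunk.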
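Review bot: In `getVmName` (`@@ -1406` hunk) the admin branch still uses `p_vmName` untouched, in `vmName = p_vmName + "(" + fromdb(p_vmDisplayname) + ")";` and in `vmName = p_vmName;`, while the `p_vmDisplayname == null` path returns `fromdb(p_vmName)`, so the same field is processed on one path and raw on the others. How callers render the returned string is not visible here, but the function should treat the field uniformly: `vmName = fromdb(p_vmName) + "(" + fromdb(p_vmDisplayname) + ")";` and `vmName = fromdb(p_vmName);`. Dropping the `unescape(...)` wrappers also presumes `fromdb` performs that decoding, which the patch does not show. The `@@ -643` hunk of ui/scripts/cloud.core.js has the same admin-branch gap.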
@@ -96,7 +96,7 @@ function afterLoadTemplateJSP() {
 var zones = json.listzonesresponse.zone;
 if (zones != null && zones.length > 0) {
 for (var i = 0; i < zones.length; i++) {
- addTemplateZoneField.append("");
+ addTemplateZoneField.append("");
 g_zoneIds.push(zones[i].id);
 g_zoneNames.push(zones[i].name);
 }
@@ -131,7 +131,7 @@ function afterLoadTemplateJSP() {
 if(items != null && items.length > 0 ) {
 var serviceOfferingField = $("#dialog_create_vm_from_template #service_offering").empty();
 for(var i = 0; i < items.length; i++)
- serviceOfferingField.append("");
+ serviceOfferingField.append("");
 }
 }
 });
@@ -145,7 +145,7 @@ function afterLoadTemplateJSP() {
 var diskOfferingField = $("#dialog_create_vm_from_template #disk_offering").empty();
 diskOfferingField.append("");
 for(var i = 0; i < items.length; i++)
- diskOfferingField.append("");
+ diskOfferingField.append("");
 }
 }
@@ -465,7 +465,7 @@ function populateZoneFieldExcludeSourceZone(zoneField, excludeZoneId) {
 if (g_zoneIds != null && g_zoneIds.length > 0) {
 for (var i = 0; i < g_zoneIds.length; i++) {
 if(g_zoneIds[i] != excludeZoneId)
- zoneField.append("");
+ zoneField.append("");
 }
 }
 }
diff --git a/ui/new/scripts/cloud.core2.volume.js b/ui/new/scripts/cloud.core2.volume.js
index 3aab7019b35..7e0e27f5369 100644
--- a/ui/new/scripts/cloud.core2.volume.js
+++ b/ui/new/scripts/cloud.core2.volume.js
@@ -62,7 +62,7 @@ function afterLoadVolumeJSP() {
 var volumeZoneSelect = $("#dialog_add_volume").find("#volume_zone").empty();
 if (zones != null && zones.length > 0) {
 for (var i = 0; i < zones.length; i++) {
- volumeZoneSelect.append("");
+ volumeZoneSelect.append("");
 }
 }
 }
@@ -77,7 +77,7 @@ function afterLoadVolumeJSP() {
 if (offerings != null && offerings.length > 0) {
 if (offerings != null && offerings.length > 0) {
 for (var i = 0; i < offerings.length; i++)
- volumeDiskOfferingSelect.append("");
+ volumeDiskOfferingSelect.append("");
 }
 }
 }
diff --git a/ui/scripts/cloud.core.configuration.js b/ui/scripts/cloud.core.configuration.js
index 63d150c0d35..039d342c81c 100644
--- a/ui/scripts/cloud.core.configuration.js
+++ b/ui/scripts/cloud.core.configuration.js
@@ -69,11 +69,11 @@ function showConfigurationTab() {
 });
 function globalJSONToTemplate(json, template) {
- template.data("name", fromdb(json.name)).attr("id", "global_"+noNull(json.name));
+ template.data("name", fromdb(json.name)).attr("id", "global_"+fromdb(json.name));
 (index++ % 2 == 0)? template.addClass("smallrow_even"): template.addClass("smallrow_odd");
- template.find("#global_name").text(noNull(json.name));
- template.find("#global_value").text(noNull(json.value));
- template.find("#global_desc").text(noNull(json.description));
+ template.find("#global_name").text(fromdb(json.name));
+ template.find("#global_value").text(fromdb(json.value));
+ template.find("#global_desc").text(fromdb(json.description));
 }
 $("#submenu_content_global .grid_container .grid_header .grid_genheader_cell").bind("click", function(event) {
diff --git a/ui/scripts/cloud.core.instances.js b/ui/scripts/cloud.core.instances.js
index 619be437aec..1d2622bff8c 100644
--- a/ui/scripts/cloud.core.instances.js
+++ b/ui/scripts/cloud.core.instances.js
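Review bot: `.attr("id", "global_"+fromdb(json.name))` in `globalJSONToTemplate` now builds the row's element id from the display-processed name instead of the raw key. An id is an identifier, not display text, so if `fromdb` alters the string (decoding or escaping), any lookup elsewhere that rebuilds the id from `json.name` would stop matching; whether such a lookup exists is not visible in this hunk. Keeping the id on the raw value and applying `fromdb` only to the visible cells avoids the coupling: `template.data("name", fromdb(json.name)).attr("id", "global_"+noNull(json.name));`.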
@@ -2351,15 +2351,15 @@ function showInstancesTab(p_domainId, p_account) {
 template.addClass("row_odd");
 else
 template.addClass("row_even");
- template.data("routerId", json.id).data("routerName", noNull(json.name)).attr("id", "router"+json.id);
- template.find("#router_zonename").text(noNull(json.zonename));
- template.find("#router_name").text(noNull(json.name));
- template.find("#router_public_ip").text(noNull(json.publicip));
- template.find("#router_private_ip").text(noNull(json.privateip));
- template.find("#router_guest_ip").text(noNull(json.guestipaddress));
- template.find("#router_host").text(noNull(json.hostname));
- template.find("#router_domain").text(noNull(json.networkdomain));
- template.find("#router_owner").text(noNull(json.account));
+ template.data("routerId", json.id).data("routerName", fromdb(json.name)).attr("id", "router"+json.id);
+ template.find("#router_zonename").text(fromdb(json.zonename));
+ template.find("#router_name").text(fromdb(json.name));
+ template.find("#router_public_ip").text(fromdb(json.publicip));
+ template.find("#router_private_ip").text(fromdb(json.privateip));
+ template.find("#router_guest_ip").text(fromdb(json.guestipaddress));
+ template.find("#router_host").text(fromdb(json.hostname));
+ template.find("#router_domain").text(fromdb(json.networkdomain));
+ template.find("#router_owner").text(fromdb(json.account));
 setDateField(json.created, template.find("#router_created")); // State
@@ -2447,15 +2447,15 @@ function showInstancesTab(p_domainId, p_account) {
 template.addClass("row_odd");
 else
 template.addClass("row_even");
- template.data("consoleId", json.id).data("consoleName", noNull(json.name)).attr("id", "console"+json.id);
- template.find("#console_type").text(noNull(json.systemvmtype));
- template.find("#console_name").text(noNull(json.name));
- template.find("#console_zone").text(noNull(json.zonename));
- template.find("#console_active_session").text(noNull(json.activeviewersessions));
- template.find("#console_public_ip").text(noNull(json.publicip));
- template.find("#console_private_ip").text(noNull(json.privateip));
- template.find("#console_host").text(noNull(json.hostname));
- template.find("#console_gateway").text(noNull(json.gateway));
+ template.data("consoleId", json.id).data("consoleName", fromdb(json.name)).attr("id", "console"+json.id);
+ template.find("#console_type").text(fromdb(json.systemvmtype));
+ template.find("#console_name").text(fromdb(json.name));
+ template.find("#console_zone").text(fromdb(json.zonename));
+ template.find("#console_active_session").text(fromdb(json.activeviewersessions));
+ template.find("#console_public_ip").text(fromdb(json.publicip));
+ template.find("#console_private_ip").text(fromdb(json.privateip));
+ template.find("#console_host").text(fromdb(json.hostname));
+ template.find("#console_gateway").text(fromdb(json.gateway));
 setDateField(json.created, template.find("#console_created")); // State
diff --git a/ui/scripts/cloud.core.js b/ui/scripts/cloud.core.js
index 5abdda6ec30..f8dce705db9 100644
--- a/ui/scripts/cloud.core.js
+++ b/ui/scripts/cloud.core.js
@@ -373,7 +373,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 zoneSelect.append("");
 if (zones != null && zones.length > 0) {
 for (var i = 0; i < zones.length; i++) {
- zoneSelect.append("");
+ zoneSelect.append("");
 }
 }
 }
@@ -400,7 +400,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 podSelect.empty();
 if (pods != null && pods.length > 0) {
 for (var i = 0; i < pods.length; i++) {
- podSelect.append("");
+ podSelect.append("");
 }
 }
 }
@@ -423,7 +423,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 var domains = json.listdomainsresponse.domain;
 if (domains != null && domains.length > 0) {
 for (var i = 0; i < domains.length; i++) {
- domainSelect.append("");
+ domainSelect.append("");
 }
 }
 }
@@ -441,7 +441,7 @@ function submenuContentEventBinder(submenuContent, listFunction) {
 var items = json.listvirtualmachinesresponse.virtualmachine;
 if (items != null && items.length > 0) {
 for (var i = 0; i < items.length; i++) {
- vmSelect.append("");
+ vmSelect.append("");
 }
 }
 }
@@ -632,7 +632,7 @@ function noNull(val) {
 }
 // Prevent cross-site-script(XSS) attack.
-// used right before adding user input to the DOM tree. e.g. DOM_element.html(sanitizeXSS(user_input));
+// used right before adding user input to the DOM tree. e.g. DOM_element.html(fromdb(user_input));
 function sanitizeXSS(val) {
 if(val == null || typeof(val) != "string")
 return val;
@@ -643,16 +643,16 @@ function sanitizeXSS(val) {
 function getVmName(p_vmName, p_vmDisplayname) {
 if(p_vmDisplayname == null)
- return sanitizeXSS(p_vmName);
+ return fromdb(p_vmName);
 var vmName = null;
 if (isAdmin()) {
 if (p_vmDisplayname != p_vmName) {
- vmName = p_vmName + "(" + sanitizeXSS(p_vmDisplayname) + ")";
+ vmName = p_vmName + "(" + fromdb(p_vmDisplayname) + ")";
 } else {
 vmName = p_vmName;
 }
 } else {
- vmName = sanitizeXSS(p_vmDisplayname);
+ vmName = fromdb(p_vmDisplayname);
 }
 return vmName;
 }
@@ -680,7 +680,7 @@ function handleError(xmlHttp, handleErrorCallback) {
 var start = xmlHttp.responseText.indexOf("h1") + 3;
 var end = xmlHttp.responseText.indexOf("Encountered an error:


"+sanitizeXSS(errorMsg)+"

").dialog("open"); + $("#dialog_error").html("

Encountered an error:


"+fromdb(errorMsg)+"

").dialog("open");
 }
 }
diff --git a/ui/scripts/cloud.core.storage.js b/ui/scripts/cloud.core.storage.js
index 8455267f651..6f464682162 100644
--- a/ui/scripts/cloud.core.storage.js
+++ b/ui/scripts/cloud.core.storage.js
@@ -254,17 +254,17 @@ function showStorageTab(domainId, targetTab) {
 template.data("vmid", json.virtualmachineid);
 template.data("zoneId", json.zoneid);
- template.find("#volume_id").text(noNull(json.id));
- template.find("#volume_name").text(noNull(json.name));
- template.find("#volume_zone").text(noNull(json.zonename));
- template.find("#volume_account").text(noNull(json.account));
- template.find("#volume_deviceid").text(noNull(json.deviceid));
- template.find("#volume_domain").text(noNull(json.domain));
- template.find("#volume_hostname").text(noNull(json.storage));
- template.find("#volume_path").text(noNull(json.path));
- template.find("#volume_state").text(noNull(json.state));
+ template.find("#volume_id").text(fromdb(json.id));
+ template.find("#volume_name").text(fromdb(json.name));
+ template.find("#volume_zone").text(fromdb(json.zonename));
+ template.find("#volume_account").text(fromdb(json.account));
+ template.find("#volume_deviceid").text(fromdb(json.deviceid));
+ template.find("#volume_domain").text(fromdb(json.domain));
+ template.find("#volume_hostname").text(fromdb(json.storage));
+ template.find("#volume_path").text(fromdb(json.path));
+ template.find("#volume_state").text(fromdb(json.state));
 template.find("#volume_size").text((json.size == "0") ? "" : convertBytes(json.size));
- template.find("#volume_type").text(noNull(json.type) + " (" + noNull(json.storagetype) + " storage)");
+ template.find("#volume_type").text(fromdb(json.type) + " (" + fromdb(json.storagetype) + " storage)");
 if (json.virtualmachineid == null) {
 template.find("#volume_vmname").text("detached");
 } else {