mirror of
https://github.com/simple-login/app.git
synced 2024-09-30 05:31:30 +02:00
Merge pull request #988 from simple-login/ac-directory-name
Fix: Sanitize directory name before displaying it to the user
This commit is contained in:
commit
8984d11805
@ -197,14 +197,16 @@
|
|||||||
$(".delete-dir").on("click", function (e) {
|
$(".delete-dir").on("click", function (e) {
|
||||||
let directory = $(this).parent().find(".dir-name").val();
|
let directory = $(this).parent().find(".dir-name").val();
|
||||||
|
|
||||||
let that = $(this);
|
const unsanitizedMessage = `All aliases associated with <b>${directory}</b> directory will also be deleted. ` +
|
||||||
let message = `All aliases associated with <b>${directory}</b> directory will also be deleted. ` +
|
|
||||||
`As a deleted directory can't be used by someone else, deleting a directory doesn't reset your directory quota. ` +
|
`As a deleted directory can't be used by someone else, deleting a directory doesn't reset your directory quota. ` +
|
||||||
`Your directory quota will be {{ current_user.directory_quota }} after the deletion, ` +
|
`Your directory quota will be {{ current_user.directory_quota }} after the deletion, ` +
|
||||||
" please confirm.";
|
" please confirm.";
|
||||||
|
const element = document.createElement('div');
|
||||||
|
element.innerText = unsanitizedMessage;
|
||||||
|
const sanitizedMessage = element.innerHTML;
|
||||||
|
|
||||||
bootbox.confirm({
|
bootbox.confirm({
|
||||||
message: message,
|
message: sanitizedMessage,
|
||||||
buttons: {
|
buttons: {
|
||||||
confirm: {
|
confirm: {
|
||||||
label: 'Yes, delete it',
|
label: 'Yes, delete it',
|
||||||
@ -215,9 +217,9 @@
|
|||||||
className: 'btn-outline-primary'
|
className: 'btn-outline-primary'
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
callback: function (result) {
|
callback: (result) => {
|
||||||
if (result) {
|
if (result) {
|
||||||
that.closest("form").submit();
|
this.closest("form").submit();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user