Module: check_mk
Branch: master
Commit: 0e94671be62c40f32a0c3e7888054c426398fc2b
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=0e94671be62c40…
Author: Sven Rueß <sr(a)mathias-kettner.de>
Date: Thu Mar 19 10:25:24 2015 +0100
#1953 FIX Fixed processing of html processing in input fields
If you enter html entities in input fields, the value will be saved correctly.
If you open the rule for editing again, the value will be interpreted. This
replaces html entities with the interpreted character. If you save the rule
now, all html entities will be lost.
One example:
C+:
You enter .
Will be replaced with . (Dot)
C-:
This bug was reported by a customer who have used check_http for finding html
entities in a webpage.
---
.werks/1953 | 22 ++++++++++++++++++++++
ChangeLog | 1 +
web/htdocs/htmllib.py | 2 +-
3 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/.werks/1953 b/.werks/1953
new file mode 100644
index 0000000..7108557
--- /dev/null
+++ b/.werks/1953
@@ -0,0 +1,22 @@
+Title: Fixed processing of html processing in input fields
+Level: 1
+Component: multisite
+Class: fix
+Compatible: compat
+State: unknown
+Version: 1.2.7i1
+Date: 1426752106
+
+If you enter html entities in input fields, the value will be saved correctly.
+If you open the rule for editing again, the value will be interpreted. This
+replaces html entities with the interpreted character. If you save the rule
+now, all html entities will be lost.
+
+One example:
+C+:
+You enter .
+Will be replaced with . (Dot)
+C-:
+
+This bug was reported by a customer who have used check_http for finding html
+entities in a webpage.
diff --git a/ChangeLog b/ChangeLog
index 906ad9c..6fa04e2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -319,6 +319,7 @@
* 2145 FIX: LDAP-Sync: Handling user ids with special characters more user
friendly...
* 2149 FIX: LDAP: The diagnostic log has been changed to use a fixed path...
* 2150 FIX: Reworked internal logging mechanism...
+ * 1953 FIX: Fixed processing of html processing in input fields...
WATO:
* 1760 Added search form to manual checks page
diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py
index 50de04e..624941e 100644
--- a/web/htdocs/htmllib.py
+++ b/web/htdocs/htmllib.py
@@ -1315,7 +1315,7 @@ class html:
elif ty not in [str, unicode]: # also possible: type Exception!
value = "%s" % value # Note: this allows Unicode. value might not
have type str now
- return value.replace('"',
""").replace("<",
"<").replace(">", ">")
+ return value.replace("&",
"&").replace('"',
""").replace("<",
"<").replace(">", ">")
# This function returns a str object, never unicode!
# Beware: this code is crucial for the performance of Multisite!