Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-6766: 

- Ensuring policy label is properly escaped when populating the user's access policy listing.
This closes #3804.

Signed-off-by: Joe Witt <joewitt@apache.org>
This commit is contained in:
Matt Gilman 2019-10-09 22:23:35 -04:00 committed by Joe Witt
parent 5414cd5016
commit 99e9010b32
No known key found for this signature in database
GPG Key ID: 9093BF854F811A1A
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/users/nf-users-table.js
View File

@ -556,7 +556,7 @@
}
var subResource = nfCommon.substringAfterFirst(resource, '/restricted-components/');
return "Restricted components requiring '" + subResource + "'";
return "Restricted components requiring '" + nfCommon.escapeHtml(subResource) + "'";
};
/**
@ -609,9 +609,9 @@
}
if (dataContext.component.componentReference.permissions.canRead === true) {
policyLabel += '<span style="font-weight: 500">' + dataContext.component.componentReference.component.name + '</span>';
policyLabel += '<span style="font-weight: 500">' + nfCommon.escapeHtml(dataContext.component.componentReference.component.name) + '</span>';
} else {
policyLabel += '<span class="unset">' + dataContext.component.componentReference.id + '</span>'
policyLabel += '<span class="unset">' + nfCommon.escapeHtml(dataContext.component.componentReference.id) + '</span>'
}
return policyLabel;