luci-mod-system: ensure that textarea contents are properly escaped

author Jo-Philipp Wich <jo@mein.io>

Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)

committer Jo-Philipp Wich <jo@mein.io>

Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)
author Jo-Philipp Wich <jo@mein.io>
Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)
committer Jo-Philipp Wich <jo@mein.io>
Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)
diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/crontab.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/crontab.js

index 286155790a08ae7ebb099e75e4c49ab25a13f3ae..512f601eb69338fe9e0d5e140dc4b08c3152afdb 100644 (file)
--- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/crontab.js
+++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/crontab.js
@@ -40,7 +40,7 @@ return L.view.extend({
                         E('p', {},
                                 _('This is the system crontab in which scheduled tasks can be defined.') +
                                 _('<br/>Note: you need to manually restart the cron service if the crontab file was empty before editing.')),
-                       E('p', {}, E('textarea', { 'style': 'width:100%', 'rows': 10 }, crontab != null ? crontab : ''))
+                       E('p', {}, E('textarea', { 'style': 'width:100%', 'rows': 10 }, [ crontab != null ? crontab : '' ]))
                 ]);
         },
  
diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/startup.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/startup.js

index 365e6c8ed8fc8a3f4a75539224e606157bbed73f..ba5bb35061de56546a4396151c9af314358b7311 100644 (file)
--- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/startup.js
+++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/startup.js
@@ -125,7 +125,7 @@ return L.view.extend({
                                 ]),
                                 E('div', { 'data-tab': 'rc', 'data-tab-title': _('Local Startup') }, [
                                         E('p', {}, _('This is the content of /etc/rc.local. Insert your own commands here (in front of \'exit 0\') to execute them at the end of the boot process.')),
-                                       E('p', {}, E('textarea', { 'style': 'width:100%', 'rows': 20 }, rcLocal != null ? rcLocal : '')),
+                                       E('p', {}, E('textarea', { 'style': 'width:100%', 'rows': 20 }, [ (rcLocal != null ? rcLocal : '') ]),
                                         E('div', { 'class': 'cbi-page-actions' }, [
                                                 E('button', {
                                                         'class': 'btn cbi-button-save',
author	Jo-Philipp Wich <jo@mein.io>
	Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)
committer	Jo-Philipp Wich <jo@mein.io>
	Mon, 23 Sep 2019 09:44:18 +0000 (11:44 +0200)
modules/luci-mod-system/htdocs/luci-static/resources/view/system/crontab.js		patch \| blob \| history
modules/luci-mod-system/htdocs/luci-static/resources/view/system/startup.js		patch \| blob \| history