Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[FIXED JENKINS-42903] Sanitize parameter names and descriptions
  • Loading branch information
ikedam committed Aug 4, 2017
1 parent 141d90c commit c781e20
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
Expand Up @@ -30,7 +30,7 @@ THE SOFTWARE.
<f:textbox />
</f:entry>
<f:entry title="${%Description}" field="description" help="/help/parameter/description.html">
<f:textarea />
<f:textarea previewEndpoint="/markupFormatter/previewDescription" />
</f:entry>
<f:dropdownDescriptorSelector title="${%Choice Provider}" field="choiceListProvider" descriptors="${descriptor.enabledChoiceListProviderList}" />
<f:entry title="${%Editable}" field="editable">
Expand Down
Expand Up @@ -28,7 +28,8 @@ THE SOFTWARE.
In this view, the fields are not managed in Descriable/Descriptor framework,
and results in not using /lib/form taglibs, but writing HTML input tags directory.
-->
<f:entry title="${it.name}" description="${it.description}">
<j:set var="escapeEntryTitleAndDescription" value="false" />
<f:entry title="${h.escape(it.name)}" description="${it.formattedDescription}">
<div name="parameter" description="${it.description}">
<input type="hidden" name="name" value="${it.name}" />
<j:scope>
Expand Down

0 comments on commit c781e20

Please sign in to comment.