Skip to content

Commit

Permalink
Merge pull request from GHSA-f3c6-mqp3-m5xw
Browse files Browse the repository at this point in the history
[4.2] JavaScript で出力する文字列にエスケープ処理を追加
  • Loading branch information
chihiro-adachi committed Feb 28, 2023
2 parents f56b4b9 + 7f904f3 commit 8dc61ac
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ file that was distributed with this source code.
"captcha": $('#captcha_text').val(),
"eccube_url": '{{ eccubeUrl }}',
"eccube_version": "{{ constant('Eccube\\Common\\Constant::VERSION') }}",
"eccube_shop_name": "{{ eccubeShopName }}"
"eccube_shop_name": "{{ eccubeShopName|escape('js') }}"
}
}).done(function(data) {
$('#captcha').modal('hide');
Expand Down
4 changes: 2 additions & 2 deletions src/Eccube/Resource/template/admin/Store/plugin_confirm.twig
Original file line number Diff line number Diff line change
Expand Up @@ -101,12 +101,12 @@ $(function() {
relatedTarget = $(e.relatedTarget);
mode = MODES[relatedTarget.data('mode')];
$('.modal-title', modal).text(mode.name + '確認');
message.text('「{{ item.name }} ({{ item.version }})」を' + mode.name + 'しますか?');
message.text('「{{ item.name|escape('js') }} ({{ item.version }})」を' + mode.name + 'しますか?');
$('#installBtn').text(mode.name);
});
$('#installBtn').on('click', function() {
message.text('「{{ item.name }} ({{ item.version }})」を' + mode.name + '中。この処理には数分かかる場合があります。画面をリロードせずにこのままお待ち下さい。');
message.text('「{{ item.name|escape('js') }} ({{ item.version }})」を' + mode.name + '中。この処理には数分かかる場合があります。画面をリロードせずにこのままお待ち下さい。');
var footer = $('div.modal-footer', modal).hide();
var progress = $('div.progress', modal).show();
var statusBar = $('#installStatus').text('');
Expand Down

0 comments on commit 8dc61ac

Please sign in to comment.