Skip to content
Permalink
Browse files

[FIXED JENKINS-42903] Sanitize parameter names and descriptions

  • Loading branch information
ikedam committed Aug 4, 2017
1 parent 141d90c commit c781e2016331f2d8c4634d6a970a3dd77608c2d2
@@ -30,7 +30,7 @@ THE SOFTWARE.
<f:textbox />
</f:entry>
<f:entry title="${%Description}" field="description" help="/help/parameter/description.html">
<f:textarea />
<f:textarea previewEndpoint="/markupFormatter/previewDescription" />
</f:entry>
<f:dropdownDescriptorSelector title="${%Choice Provider}" field="choiceListProvider" descriptors="${descriptor.enabledChoiceListProviderList}" />
<f:entry title="${%Editable}" field="editable">
@@ -28,7 +28,8 @@ THE SOFTWARE.
In this view, the fields are not managed in Descriable/Descriptor framework,
and results in not using /lib/form taglibs, but writing HTML input tags directory.
-->
<f:entry title="${it.name}" description="${it.description}">
<j:set var="escapeEntryTitleAndDescription" value="false" />
<f:entry title="${h.escape(it.name)}" description="${it.formattedDescription}">
<div name="parameter" description="${it.description}">
<input type="hidden" name="name" value="${it.name}" />
<j:scope>

0 comments on commit c781e20

Please sign in to comment.
You can’t perform that action at this time.