[lmi] [PATCH] Escape strings inserted into HTML in group quotes report g

lmi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lmi] [PATCH] Escape strings inserted into HTML in group quotes report g

From:	Vadim Zeitlin
Subject:	[lmi] [PATCH] Escape strings inserted into HTML in group quotes report generation code
Date:	Thu, 27 Aug 2015 20:14:34 +0200

 Hello again,

 After looking at the footer use, I've realized that it could be corrupted
if it contained any special XML characters such as "<" or "&" and while
this looks unlikely, it's better to guard against this, so the attached
patch does just this. To see its effect, try using e.g. "<whatever>" as
MarketingNameFootnote field value: it appears as expected in the report now
whereas it was simply lost before.

 Please note that this patch risks conflicting with the one changing
row_num_ handling, so you might want to apply this one (which is a bit more
extensive) first.

 Thanks in advance,
VZ

0001-Escape-special-characters-in-group-quotes-report-to-.patch
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[lmi] [PATCH] Escape strings inserted into HTML in group quotes report generation code, Vadim Zeitlin <=
- Re: [lmi] [PATCH] Escape strings inserted into HTML in group quotes report generation code, Greg Chicares, 2015/08/28

Prev by Date: [lmi] [PATCH] Avoid header.footer (was: Group premium quotes)
Next by Date: Re: [lmi] Group premium quotes: UI
Previous by thread: Re: [lmi] Group premium quotes: UI
Next by thread: Re: [lmi] [PATCH] Escape strings inserted into HTML in group quotes report generation code
Index(es):
- Date
- Thread