From 9d1d77ea77c21796f9de781a6946b0da3bd83512 Mon Sep 17 00:00:00 2001
From: Jessica Wang <jessica@cloud.com>
Date: Thu, 15 Mar 2012 14:45:11 -0700
Subject: [PATCH] cloudStack 3.0 UI - validation - add new method
 "disallowSpecialCharacters" which will disallow < and > (to prevent XSS
 attack) - apply this method in Add Domain dialog.

---
 ui/scripts/domains.js | 4 ++--
 ui/scripts/ui/core.js | 8 ++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/ui/scripts/domains.js b/ui/scripts/domains.js
index 53ab54744a9..1c41f29a6fc 100644
--- a/ui/scripts/domains.js
+++ b/ui/scripts/domains.js
@@ -172,11 +172,11 @@
               fields: {
                 name: {
                   label: 'label.name',
-                  validation: { required: true }
+                  validation: { required: true, disallowSpecialCharacters: true }
                 },
                 networkdomain: {
                   label: 'label.network.domain',
-                  validation: { required: false }
+                  validation: { required: false, disallowSpecialCharacters: true }
                 }
               }
             }
diff --git a/ui/scripts/ui/core.js b/ui/scripts/ui/core.js
index b869f337bb1..e47f6be497a 100644
--- a/ui/scripts/ui/core.js
+++ b/ui/scripts/ui/core.js
@@ -273,6 +273,14 @@
 
     // Validation
     $.extend($.validator.messages, { required: _l('label.required') });
+        
+    $.validator.addMethod(
+      "disallowSpecialCharacters", 
+      function(value, element) {     	
+    	return (value.indexOf("<") == -1 && value.indexOf(">") == -1); 
+      }, 
+      jQuery.format("Disallowed characters: <, >")
+    );   
 
     // Check for pending project invitations
     cloudStack.projects.invitationCheck({