fix bug 6287 - decode string before displaying it on UI.

Jessica Wang 2010-09-28 11:00:48 -07:00
parent 7fde0552dd
commit ddc982a853
10 changed files with 126 additions and 111 deletions


@ -118,7 +118,7 @@ function showAccountsTab(domainId) {
loadingImg.hide();
rowContainer.show();
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
@ -166,7 +166,7 @@ function showAccountsTab(domainId) {
var accountId = json.id;
var accountName = json.name;
var domainId = json.domainid;
template.attr("id", "account"+accountId).data("accountId", accountId).data("accountName", sanitizeXSS(accountName)).data("domainId", sanitizeXSS(domainId));
template.attr("id", "account"+accountId).data("accountId", accountId).data("accountName", fromdb(accountName)).data("domainId", fromdb(domainId));
template.find("#account_role").text(toRole(json.accounttype));
template.find("#account_accountid").text(json.id);
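Review bot: The `.data("accountName", fromdb(accountName))` and `.data("domainId", fromdb(domainId))` calls store a value that has already passed through `sanitizeXSS`, although that helper's own comment says it is meant to be used right before a value is added to the DOM. Any later reader that writes the stored value with `.text()`/`.val()` or sends it back to the API gets the sanitized string rather than the real name, and a reader that passes it to `.html()` depends on every writer having remembered to call `fromdb`. I would keep the decoded value in `.data()` and sanitize at the HTML sink, e.g. `.data("accountName", unescape(noNull(accountName)))`. The same pattern recurs in the `.data(...)` calls changed in showConfigurationTab, showDomainsTab, showHostsTab, showInstancesTab, showNetworkingTab and showStorageTab. showAccountsTab starts and ends outside these hunks, so the readers of these keys are not visible here.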


@ -71,7 +71,7 @@ function showConfigurationTab() {
});
function globalJSONToTemplate(json, template) {
template.data("name", sanitizeXSS(json.name)).attr("id", "global_"+json.name);
template.data("name", fromdb(json.name)).attr("id", "global_"+json.name);
(index++ % 2 == 0)? template.addClass("smallrow_even"): template.addClass("smallrow_odd");
template.find("#global_name").text(json.name);
template.find("#global_value").text(json.value);
@ -128,9 +128,9 @@ function showConfigurationTab() {
}
function zoneObjectToRightPanel(obj) {
rightPanel.html("<strong>Zone:</strong> "+sanitizeXSS(obj.name));
rightPanel.html("<strong>Zone:</strong> "+fromdb(obj.name));
var rightContentHtml =
"<p><span>ZONE:</span> "+sanitizeXSS(obj.name)+"</p>"
"<p><span>ZONE:</span> "+fromdb(obj.name)+"</p>"
+ "<p><span>DNS 1:</span> "+obj.dns1+"</p>"
+ "<p><span>DNS 2:</span> "+((obj.dns2 == null) ? "" : obj.dns2) +"</p>"
+ "<p><span>Internal DNS 1:</span> "+obj.internaldns1+"</p>"
@ -155,10 +155,10 @@ function showConfigurationTab() {
}
function podObjectToRightPanel(obj) {
rightPanel.html("<strong>Pod:</strong> " + sanitizeXSS(obj.name));
rightPanel.html("<strong>Pod:</strong> " + fromdb(obj.name));
var rightContentHtml =
"<p><span>POD:</span> "+sanitizeXSS(obj.name)+"</p>"
"<p><span>POD:</span> "+fromdb(obj.name)+"</p>"
+ "<p><span>Private CIDR:</span> "+obj.cidr+"</p>"
+ "<p><span>Private IP Range:</span> "+obj.ipRange+"</p>"
+ "<p><span>Gateway:</span> "+obj.gateway+"</p>";
@ -329,7 +329,7 @@ function showConfigurationTab() {
var obj = {"id": id, "name": name, "dns1": dns1, "dns2": dns2, "internaldns1": internaldns1, "internaldns2": internaldns2, "vlan": vlan, "guestcidraddress": guestcidraddress };
zoneObjectToRightPanel(obj);
var zoneName = $("#zone_"+id).find("#zone_name").text(name);
zoneName.data("id", id).data("name", sanitizeXSS(name)).data("dns1", dns1).data("internaldns1", internaldns1).data("guestcidraddress", guestcidraddress);
zoneName.data("id", id).data("name", fromdb(name)).data("dns1", dns1).data("internaldns1", internaldns1).data("guestcidraddress", guestcidraddress);
if (dns2 != "")
zoneName.data("dns2", dns2);
if (internaldns2 != "")
@ -592,7 +592,7 @@ function showConfigurationTab() {
var obj = {"id": id, "zoneid": zoneid, "name": newName, "cidr": newCidr, "startip": newStartip, "endip": newEndip, "ipRange": newIpRange, "gateway": newGateway};
podObjectToRightPanel(obj);
var podName = $("#pod_"+id).find("#pod_name").text(newName);
podName.data("id", id).data("name", sanitizeXSS(newName)).data("cidr", newCidr).data("startip", newStartip).data("endip", newEndip).data("ipRange", newIpRange).data("gateway", newGateway);
podName.data("id", id).data("name", fromdb(newName)).data("cidr", newCidr).data("startip", newStartip).data("endip", newEndip).data("ipRange", newIpRange).data("gateway", newGateway);
loadingImg.hide();
row_container.show();
},
@ -632,7 +632,7 @@ function showConfigurationTab() {
var pods = json.listpodsresponse.pod;
if (pods != null && pods.length > 0) {
for (var i = 0; i < pods.length; i++) {
podSelect.append("<option value='" + pods[i].id + "'>" + sanitizeXSS(pods[i].name) + "</option>");
podSelect.append("<option value='" + pods[i].id + "'>" + fromdb(pods[i].name) + "</option>");
}
} else {
podSelect.append("<option value=''>No available pods</option>");
@ -649,7 +649,7 @@ function showConfigurationTab() {
var domains = json.listdomainsresponse.domain;
if (domains != null && domains.length > 0) {
for (var i = 0; i < domains.length; i++) {
domainSelect.append("<option value='" + domains[i].id + "'>" + sanitizeXSS(domains[i].name) + "</option>");
domainSelect.append("<option value='" + domains[i].id + "'>" + fromdb(domains[i].name) + "</option>");
}
}
}
@ -900,11 +900,11 @@ function showConfigurationTab() {
function zoneJSONToTemplate(json, template) {
var zoneid = json.id;
template.data("id", zoneid).data("name", sanitizeXSS(json.name));
template.data("id", zoneid).data("name", fromdb(json.name));
template.find("#zone_name")
.text(json.name)
.data("id", zoneid)
.data("name", sanitizeXSS(json.name))
.data("name", fromdb(json.name))
.data("dns1", json.dns1)
.data("internaldns1", json.internaldns1)
.data("guestcidraddress", json.guestcidraddress);
@ -1269,17 +1269,17 @@ function showConfigurationTab() {
function serviceJSONToTemplate(json, template) {
template.attr("id", "service_"+json.id);
(index++ % 2 == 0)? template.addClass("smallrow_even"): template.addClass("smallrow_odd");
template.data("svcId", json.id).data("svcName", sanitizeXSS(unescape(json.name)));
template.data("svcId", json.id).data("svcName", fromdb(json.name));
template.find("#service_id").text(json.id);
template.find("#service_name").text(unescape(json.name));
template.find("#service_display").text(unescape(json.displaytext));
template.find("#service_name").text(fromdb(json.name));
template.find("#service_display").text(fromdb(json.displaytext));
template.find("#service_storagetype").text(json.storagetype);
template.find("#service_cpu").text(json.cpunumber + " x " + convertHz(json.cpuspeed));
template.find("#service_memory").text(convertBytes(parseInt(json.memory)*1024*1024));
template.find("#service_offerha").text(toBooleanText(json.offerha));
template.find("#service_networktype").text((json.usevirtualnetwork=="true")? "Public":"Direct");
template.find("#service_tags").text(unescape(json.tags));
template.find("#service_tags").text(fromdb(json.tags));
setDateField(json.created, template.find("#service_created"));
}
@ -1587,14 +1587,14 @@ function showConfigurationTab() {
} else {
template.addClass("smallrow_odd");
}
template.data("diskId", json.id).data("diskName", sanitizeXSS(unescape(json.name)));
template.data("diskId", json.id).data("diskName", fromdb(json.name));
template.find("#disk_id").text(json.id);
template.find("#disk_name").text(unescape(json.name));
template.find("#disk_description").text(unescape(json.displaytext));
template.find("#disk_name").text(fromdb(json.name));
template.find("#disk_description").text(fromdb(json.displaytext));
template.find("#disk_disksize").text(convertBytes(json.disksize));
template.find("#disk_tags").text(unescape(json.tags));
template.find("#disk_domain").text(unescape(json.domain));
template.find("#disk_tags").text(fromdb(json.tags));
template.find("#disk_domain").text(fromdb(json.domain));
}
function listDiskOfferings() {
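Review bot: In `zoneObjectToRightPanel` and `podObjectToRightPanel` only `obj.name` goes through `fromdb`; `obj.dns1`, `obj.dns2`, `obj.internaldns1`, `obj.cidr`, `obj.ipRange` and `obj.gateway` are concatenated into the same markup string as they arrive. The sink for `rightContentHtml` is outside the hunk, but if it is an `.html()` call like the `rightPanel.html(...)` line above it, these fields need the same treatment unless the server strictly validates them as addresses, e.g. `+ "<p><span>DNS 1:</span> "+fromdb(obj.dns1)+"</p>"`. `instanceJSON.ipaddress` in the showInstancesTab section is in the same position.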


@ -55,7 +55,7 @@ function showDomainsTab() {
var template = treenodeTemplate.clone(true);
template.attr("id", "domain_"+json.id);
template.data("domainId", json.id).data("domainName", sanitizeXSS(json.name)).data("domainLevel", level);
template.data("domainId", json.id).data("domainName", fromdb(json.name)).data("domainLevel", level);
template.find("#domain_title_container").attr("id", "domain_title_container_"+json.id);
template.find("#domain_expand_icon").attr("id", "domain_expand_icon_"+json.id);
template.find("#domain_name").attr("id", "domain_name_"+json.id).text(json.name);
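Review bot: The `#domain_name` line still calls `.text(json.name)` with the undecoded name, while `.data("domainName", fromdb(json.name))` two lines above shows the commit expects this field to be encoded. If domain names are stored through `todb`, the tree keeps showing the escaped form, which is the bug the commit title describes; because `.text()` does its own escaping, `.text(unescape(noNull(json.name)))` is enough at this sink. The same applies to `#global_name` and `#zone_name` in showConfigurationTab, `#name` and `#description` in networkGroupJSONToTemplate, and `#pool_name` in showStorageTab. The enclosing function starts and ends outside the hunk.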


@ -42,7 +42,7 @@ function showHostsTab() {
var zoneSelect = dialogAddRouting.find("#host_zone").empty();
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++)
zoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
zoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
}
//dialogAddRouting.find("#host_zone").change();
}
@ -59,7 +59,7 @@ function showHostsTab() {
var podSelect = dialogAddRouting.find("#host_pod").empty();
if (pods != null && pods.length > 0) {
for (var i = 0; i < pods.length; i++) {
podSelect.append("<option value='" + pods[i].id + "'>" + sanitizeXSS(pods[i].name) + "</option>");
podSelect.append("<option value='" + pods[i].id + "'>" + fromdb(pods[i].name) + "</option>");
}
}
dialogAddRouting.find("#host_pod").change();
@ -229,7 +229,7 @@ function showHostsTab() {
break;
case "host_action_enable_maint" :
$("#dialog_confirmation")
.html("<p>Please confirm you enable maintenance for host: <b>"+sanitizeXSS(hostName)+"</b>. Enabling maintenance mode will cause a live migration of all running instances on this host to any available host. An alert will be sent to the admin when this process has been completed.</p>")
.html("<p>Please confirm you enable maintenance for host: <b>"+fromdb(hostName)+"</b>. Enabling maintenance mode will cause a live migration of all running instances on this host to any available host. An alert will be sent to the admin when this process has been completed.</p>")
.dialog('option', 'buttons', {
"Confirm": function() {
var dialogBox = $(this);
@ -305,7 +305,7 @@ function showHostsTab() {
break;
case "host_action_cancel_maint" :
$("#dialog_confirmation")
.html("<p>Please confirm you want to cancel maintenance for host: <b>"+sanitizeXSS(hostName)+"</b>. </p>")
.html("<p>Please confirm you want to cancel maintenance for host: <b>"+fromdb(hostName)+"</b>. </p>")
.dialog('option', 'buttons', {
"Confirm": function() {
var dialogBox = $(this);
@ -382,7 +382,7 @@ function showHostsTab() {
break;
case "host_action_reconnect" :
$("#dialog_confirmation")
.html("<p>Please confirm you want to force a reconnection for host: <b>"+sanitizeXSS(hostName)+"</b>. </p>")
.html("<p>Please confirm you want to force a reconnection for host: <b>"+fromdb(hostName)+"</b>. </p>")
.dialog('option', 'buttons', {
"Confirm": function() {
var dialogBox = $(this);
@ -459,7 +459,7 @@ function showHostsTab() {
break;
case "host_action_remove" :
$("#dialog_confirmation")
.html("<p>Please confirm you want to remove this host: <b>"+sanitizeXSS(hostName)+"</b> from the management server. </p>")
.html("<p>Please confirm you want to remove this host: <b>"+fromdb(hostName)+"</b> from the management server. </p>")
.dialog('option', 'buttons', {
"Confirm": function() {
$(this).dialog("close");
@ -521,7 +521,7 @@ function showHostsTab() {
} else {
template.find("#row_container").addClass("row_odd");
}
template.data("hostId", json.id).data("hostName", sanitizeXSS(json.name));
template.data("hostId", json.id).data("hostName", fromdb(json.name));
template.find("#routing_zone").text(json.zonename);
template.find("#routing_pod").text(json.podname);
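Review bot: The four confirmation dialogs call `fromdb(hostName)`, but the row template now stores `.data("hostName", fromdb(json.name))`, so if `hostName` is read back from that key (its assignment is outside these hunks) the value is unescaped and sanitized twice. A second `unescape` can turn a literal `%xx` sequence in an already decoded name into a different character, and a second `sanitizeXSS` pass may double-encode, depending on how it encodes. Decode once: store `unescape(noNull(json.name))` in `.data("hostName", ...)` and keep `fromdb(hostName)` at the dialog `.html()` calls.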


@ -353,7 +353,7 @@ $(document).ready(function() {
var zoneSelect = $("#capacity_zone_select").empty();
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++) {
zoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
zoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
if(noPods) {
$.ajax({
data: "command=listPods&zoneId="+zones[i].id+"&response=json",
@ -538,7 +538,7 @@ $(document).ready(function() {
if (pods != null && pods.length > 0) {
podSelect.append("<option value='All'>All</option>");
for (var i = 0; i < pods.length; i++) {
podSelect.append("<option value='" + pods[i].name + "'>" + sanitizeXSS(pods[i].name) + "</option>");
podSelect.append("<option value='" + pods[i].name + "'>" + fromdb(pods[i].name) + "</option>");
}
}
$("#capacity_pod_select").change();
@ -559,7 +559,7 @@ $(document).ready(function() {
for (var i = 0; i < length; i++) {
var errorTemplate = $("#recent_error_template").clone(true);
errorTemplate.find("#db_error_type").text(toAlertType(alerts[i].type));
errorTemplate.find("#db_error_msg").append(sanitizeXSS(alerts[i].description));
errorTemplate.find("#db_error_msg").append(fromdb(alerts[i].description));
setDateField(alerts[i].sent, errorTemplate.find("#db_error_date"));
alertGrid.append(errorTemplate.show());
}
@ -579,7 +579,7 @@ $(document).ready(function() {
for (var i = 0; i < length; i++) {
var errorTemplate = $("#recent_error_template").clone(true);
errorTemplate.find("#db_error_type").text("Host - Alert State");
errorTemplate.find("#db_error_msg").append("Host - <b>" + sanitizeXSS(alerts[i].name) + "</b> has been detected in Alert state.");
errorTemplate.find("#db_error_msg").append("Host - <b>" + fromdb(alerts[i].name) + "</b> has been detected in Alert state.");
setDateField(alerts[i].disconnected, errorTemplate.find("#db_error_date"));
alertGrid.append(errorTemplate.show());
}
@ -657,7 +657,7 @@ $(document).ready(function() {
for (var i = 0; i < length; i++) {
var errorTemplate = $("#recent_error_template").clone(true);
errorTemplate.find("#db_error_type").text(events[i].type);
errorTemplate.find("#db_error_msg").text(sanitizeXSS(events[i].description));
errorTemplate.find("#db_error_msg").text(fromdb(events[i].description));
setDateField(events[i].created, errorTemplate.find("#db_error_date"));
errorGrid.append(errorTemplate.show());
}
@ -717,7 +717,7 @@ $(document).ready(function() {
for (var i = 0; i < length; i++) {
var errorTemplate = $("#recent_error_template").clone(true);
errorTemplate.find("#db_error_type").text(events[i].type);
errorTemplate.find("#db_error_msg").text(sanitizeXSS(events[i].description));
errorTemplate.find("#db_error_msg").text(fromdb(events[i].description));
setDateField(events[i].created, errorTemplate.find("#db_error_date"));
errorGrid.append(errorTemplate.show());
}
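Review bot: In the capacity pod list, `"<option value='" + pods[i].name + "'>"` puts the raw pod name inside a single-quoted attribute while only the option label goes through `fromdb`, so a name containing `'` or `>` ends the attribute early in the string handed to `.append()`. Building the element through jQuery setters removes the string context entirely: `podSelect.append($("<option>").val(pods[i].name).text(unescape(noNull(pods[i].name))));`. Separately, the two `#db_error_msg` lines that use `.text(fromdb(events[i].description))` pass a sanitized string to a sink that already escapes, so depending on how `sanitizeXSS` encodes, markup characters in event descriptions may be displayed as entities.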


@ -205,7 +205,7 @@ function showInstancesTab(p_domainId, p_account) {
vmInstance.data("state", result.virtualmachine[0].state);
if (result.virtualmachine[0].hostname != undefined) {
vmInstance.find("#vm_host").html("<strong>Host:</strong> " + sanitizeXSS(result.virtualmachine[0].hostname));
vmInstance.find("#vm_host").html("<strong>Host:</strong> " + fromdb(result.virtualmachine[0].hostname));
} else {
vmInstance.find("#vm_host").html("<strong>Host:</strong> ");
}
@ -295,7 +295,7 @@ function showInstancesTab(p_domainId, p_account) {
vmInstance.data("state", result.virtualmachine[0].state);
if (result.virtualmachine[0].hostname != undefined) {
vmInstance.find("#vm_host").html("<strong>Host:</strong> " + sanitizeXSS(result.virtualmachine[0].hostname));
vmInstance.find("#vm_host").html("<strong>Host:</strong> " + fromdb(result.virtualmachine[0].hostname));
} else {
vmInstance.find("#vm_host").html("<strong>Host:</strong> ");
}
@ -576,7 +576,7 @@ function showInstancesTab(p_domainId, p_account) {
if (offerings != null && offerings.length > 0) {
for (var i = 0; i < offerings.length; i++) {
var option = $("<option value='" + offerings[i].id + "'>" + sanitizeXSS(unescape(offerings[i].displaytext)) + "</option>").data("name", unescape(offerings[i].name));
var option = $("<option value='" + offerings[i].id + "'>" + fromdb(offerings[i].displaytext) + "</option>").data("name", fromdb(offerings[i].name));
offeringSelect.append(option);
}
}
@ -611,7 +611,7 @@ function showInstancesTab(p_domainId, p_account) {
vmInstance.find(".row_loading").show();
vmInstance.find(".loadingmessage_container .loadingmessage_top p").html("Your virtual instance has been upgraded. Please restart your virtual instance for the new service offering to take effect.");
vmInstance.find(".loadingmessage_container").fadeIn("slow");
vmInstance.find("#vm_service").html("<strong>Service:</strong> " + sanitizeXSS(unescape(result.virtualmachine[0].serviceofferingname)));
vmInstance.find("#vm_service").html("<strong>Service:</strong> " + fromdb(result.virtualmachine[0].serviceofferingname));
if (result.virtualmachine[0].haenable =='true') {
vmInstance.find("#vm_ha").html("<strong>HA:</strong> Enabled");
vmInstance.find("#vm_action_ha").text("Disable HA");
@ -620,7 +620,7 @@ function showInstancesTab(p_domainId, p_account) {
vmInstance.find("#vm_action_ha").text("Enable HA");
}
} else if (result.jobstatus == 2) { // Failed
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -840,7 +840,7 @@ function showInstancesTab(p_domainId, p_account) {
if (isos != null && isos.length > 0) {
isoSelect.empty();
for (var i = 0; i < isos.length; i++) {
isoSelect.append("<option value='"+isos[i].id+"'>"+sanitizeXSS(isos[i].displaytext)+"</option>");;
isoSelect.append("<option value='"+isos[i].id+"'>"+fromdb(isos[i].displaytext)+"</option>");;
}
}
}
@ -1089,15 +1089,15 @@ function showInstancesTab(p_domainId, p_account) {
var vmName = getVmName(instanceJSON.name, instanceJSON.displayname);
instanceTemplate.data("id", instanceJSON.id)
.data("systemName", sanitizeXSS(instanceJSON.name))
.data("name", sanitizeXSS(vmName))
.data("systemName", fromdb(instanceJSON.name))
.data("name", fromdb(vmName))
.data("passwordEnabled", instanceJSON.passwordenabled)
.data("domainId", instanceJSON.domainid)
.data("account", sanitizeXSS(instanceJSON.account))
.data("zoneId", sanitizeXSS(instanceJSON.zoneid))
.data("account", fromdb(instanceJSON.account))
.data("zoneId", fromdb(instanceJSON.zoneid))
.data("state", instanceJSON.state)
.data("ha", instanceJSON.haenable);
instanceTemplate.data("group", sanitizeXSS(instanceJSON.group));
instanceTemplate.data("group", fromdb(instanceJSON.group));
if (instanceJSON.isoId != undefined && instanceJSON.isoid.length > 0) {
instanceTemplate.data("isoId", instanceJSON.isoid);
@ -1105,11 +1105,11 @@ function showInstancesTab(p_domainId, p_account) {
instanceTemplate.find("#vm_actions").data("id", instanceJSON.id);
// Populate the template
instanceTemplate.find("#vm_name").html("<strong>Name:</strong> " + sanitizeXSS(vmName));
instanceTemplate.find("#vm_name").html("<strong>Name:</strong> " + fromdb(vmName));
instanceTemplate.find("#vm_ip_address").html("<strong>IP Address:</strong> " + instanceJSON.ipaddress);
instanceTemplate.find("#vm_zone").html("<strong>Zone:</strong> " + sanitizeXSS(instanceJSON.zonename));
instanceTemplate.find("#vm_template").html("<strong>Template:</strong> " + sanitizeXSS(instanceJSON.templatename));
instanceTemplate.find("#vm_service").html("<strong>Service:</strong> " + sanitizeXSS(unescape(instanceJSON.serviceofferingname)));
instanceTemplate.find("#vm_zone").html("<strong>Zone:</strong> " + fromdb(instanceJSON.zonename));
instanceTemplate.find("#vm_template").html("<strong>Template:</strong> " + fromdb(instanceJSON.templatename));
instanceTemplate.find("#vm_service").html("<strong>Service:</strong> " + fromdb(instanceJSON.serviceofferingname));
if (instanceJSON.haenable =='true') {
instanceTemplate.find("#vm_ha").html("<strong>HA:</strong> Enabled");
instanceTemplate.find("#vm_action_ha").text("Disable HA");
@ -1120,11 +1120,11 @@ function showInstancesTab(p_domainId, p_account) {
setDateField(instanceJSON.created, instanceTemplate.find("#vm_created"), "<strong>Created:</strong> ");
instanceTemplate.find("#vm_account").html("<strong>Account:</strong> " + sanitizeXSS(instanceJSON.account));
instanceTemplate.find("#vm_domain").html("<strong>Domain:</strong> " + sanitizeXSS(instanceJSON.domain));
instanceTemplate.find("#vm_account").html("<strong>Account:</strong> " + fromdb(instanceJSON.account));
instanceTemplate.find("#vm_domain").html("<strong>Domain:</strong> " + fromdb(instanceJSON.domain));
if (isAdmin()) {
if (instanceJSON.hostname != undefined) {
instanceTemplate.find("#vm_host").html("<strong>Host:</strong> " + sanitizeXSS(instanceJSON.hostname));
instanceTemplate.find("#vm_host").html("<strong>Host:</strong> " + fromdb(instanceJSON.hostname));
} else {
instanceTemplate.find("#vm_host").html("<strong>Host:</strong> ");
}
@ -1240,7 +1240,7 @@ function showInstancesTab(p_domainId, p_account) {
var zoneSelect = vmPopup.find("#wizard_zone").empty();
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++) {
zoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
zoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
}
}
listTemplatesInVmPopup();
@ -1256,7 +1256,7 @@ function showInstancesTab(p_domainId, p_account) {
if (items != null && items.length > 0) {
for (var i = 0; i < items.length; i++) {
if(items[i].name != "default")
networkGroupSelect.append("<option value='" + sanitizeXSS(items[i].name) + "'>" + sanitizeXSS(items[i].name) + "</option>");
networkGroupSelect.append("<option value='" + fromdb(items[i].name) + "'>" + fromdb(items[i].name) + "</option>");
}
}
}
@ -1275,7 +1275,7 @@ function showInstancesTab(p_domainId, p_account) {
for (var i = 0; i < offerings.length; i++) {
var checked = "checked";
if (first == false) checked = "";
var listItem = $("<li><input class='radio' type='radio' name='service' id='service' value='"+offerings[i].id+"'" + checked + "/><label style='width:500px;font-size:11px;' for='service'>"+sanitizeXSS(unescape(offerings[i].displaytext))+"</label></li>");
var listItem = $("<li><input class='radio' type='radio' name='service' id='service' value='"+offerings[i].id+"'" + checked + "/><label style='width:500px;font-size:11px;' for='service'>"+fromdb(offerings[i].displaytext)+"</label></li>");
$("#wizard_service_offering").append(listItem);
first = false;
}
@ -1304,14 +1304,14 @@ function showInstancesTab(p_domainId, p_account) {
var html =
"<li>"
+"<input class='radio' type='radio' name='rootdisk' id='rootdisk' value='"+offerings[i].id+"'" + ((i==0)?"checked":"") + "/>"
+"<label style='width:500px;font-size:11px;' for='disk'>"+sanitizeXSS(unescape(offerings[i].displaytext))+"</label>"
+"<label style='width:500px;font-size:11px;' for='disk'>"+fromdb(offerings[i].displaytext)+"</label>"
+"</li>";
$("#wizard_root_disk_offering").append(html);
var html2 =
"<li>"
+"<input class='radio' type='radio' name='datadisk' id='datadisk' value='"+offerings[i].id+"'" + "/>"
+"<label style='width:500px;font-size:11px;' for='disk'>"+sanitizeXSS(unescape(offerings[i].displaytext))+"</label>"
+"<label style='width:500px;font-size:11px;' for='disk'>"+fromdb(offerings[i].displaytext)+"</label>"
+"</li>";
$("#wizard_data_disk_offering").append(html2);
}
@ -1454,8 +1454,8 @@ function showInstancesTab(p_domainId, p_account) {
var html = '<div class="'+divClass+'" id="'+items[i].id+'">'
+'<div class="'+getIconForOS(items[i].ostypename)+'"></div>'
+'<div class="rev_wiztemp_listtext">'+sanitizeXSS(items[i].displaytext)+'</div>'
+'<div class="rev_wiztemp_ownertext">'+sanitizeXSS(items[i].account)+'</div>'
+'<div class="rev_wiztemp_listtext">'+fromdb(items[i].displaytext)+'</div>'
+'<div class="rev_wiztemp_ownertext">'+fromdb(items[i].account)+'</div>'
+'</div>';
container.append(html);
}
@ -2577,7 +2577,7 @@ function showInstancesTab(p_domainId, p_account) {
// Failed
template.find(".adding_loading").hide();
template.find("#volume_body").show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
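Review bot: The network-group option `"<option value='" + fromdb(items[i].name) + "'>"` relies on `sanitizeXSS` encoding the single quote, which cannot be confirmed here because its body is not shown on this page; if it encodes only angle brackets, a group name containing `'` still changes the attributes of the element. Setting the value with `.val()` and the label with `.text()` on a created `<option>` removes that dependency. The service-offering option also changes `.data("name", unescape(offerings[i].name))` to `.data("name", fromdb(offerings[i].name))`, so whatever reads that key now receives the sanitized form instead of the plain decoded name; that reader is outside the hunk and is worth checking.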


@ -82,6 +82,14 @@ function isDomainAdmin() {
return (g_role == 2);
}
function fromdb(val) {
return sanitizeXSS(unescape(noNull(val)));
}
function todb(val) {
return encodeURIComponent(escape(val));
}
function setDateField(dateValue, dateField, htmlMarkup) {
if (dateValue != null && dateValue.length > 0) {
var disconnected = new Date();
@ -467,6 +475,13 @@ function trim(val) {
return val.replace(/^\s*/, "").replace(/\s*$/, "");
}
function noNull(val) {
if(val == null)
return "";
else
return val;
}
// Prevent cross-site-script(XSS) attack.
// used right before adding user input to the DOM tree. e.g. DOM_element.html(sanitizeXSS(user_input));
function sanitizeXSS(val) {
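Review bot: `fromdb` and `todb` are added without comments although every call site touched by this commit now depends on their contract. Above `fromdb` I would add `// Decode a value that was stored via todb() and sanitize it for insertion as HTML; use at .html()/.append() sinks, once per value.` and above `todb` `// Encode user input for an API request; values written this way are read back with fromdb().`. The comment should also record that `escape`/`unescape` are legacy functions and that `fromdb` is applied to fields such as `result.jobresult` that may never have passed through `todb`, where a literal percent sequence in a server message would be rewritten by `unescape`.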


@ -36,7 +36,7 @@ function showNetworkingTab(p_domainId, p_account) {
var zoneSelect = $("#dialog_acquire_public_ip #acquire_zone").empty();
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++) {
zoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
zoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
}
}
}
@ -221,7 +221,7 @@ function showNetworkingTab(p_domainId, p_account) {
var domains = json.listdomainsresponse.domain;
if (domains != null && domains.length > 0) {
for (var i = 0; i < domains.length; i++) {
domainSelect.append("<option value='" + domains[i].id + "'>" + sanitizeXSS(domains[i].name) + "</option>");
domainSelect.append("<option value='" + domains[i].id + "'>" + fromdb(domains[i].name) + "</option>");
}
}
}
@ -517,7 +517,7 @@ function showNetworkingTab(p_domainId, p_account) {
} else if (result.jobstatus == 2) { //Fail
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -784,7 +784,7 @@ function showNetworkingTab(p_domainId, p_account) {
} else if (result.jobstatus == 2) { //Fail
loadingContainer.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -845,7 +845,7 @@ function showNetworkingTab(p_domainId, p_account) {
loading.hide();
rowContainer.show();
} else if (result.jobstatus == 2) { // Failed
$("#dialog_error").html("<p style='color:red'><b>Operation error:</b></p><br/><p style='color:red'>"+ sanitizeXSS(result.jobresult)+"</p>").dialog("open");
$("#dialog_error").html("<p style='color:red'><b>Operation error:</b></p><br/><p style='color:red'>"+ fromdb(result.jobresult)+"</p>").dialog("open");
loading.hide();
rowContainer.show();
}
@ -1148,7 +1148,7 @@ function showNetworkingTab(p_domainId, p_account) {
//*** Network Group (begin) **********************************************************************
function networkGroupJSONToTemplate(json, template) {
(index++ % 2 == 0)? template.addClass("smallrow_even"): template.addClass("smallrow_odd");
template.attr("id", "networkGroup_"+json.id).data("networkGroupId", json.id).data("domainId", json.domainid).data("account",json.account).data("networkGroupName", sanitizeXSS(json.name));
template.attr("id", "networkGroup_"+json.id).data("networkGroupId", json.id).data("domainId", json.domainid).data("account",json.account).data("networkGroupName", fromdb(json.name));
template.find("#id").text(json.id);
template.find("#name").text(json.name);
template.find("#description").text(json.description);
@ -1597,7 +1597,7 @@ function showNetworkingTab(p_domainId, p_account) {
});
});
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
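Review bot: `networkGroupJSONToTemplate` stores `.data("account",json.account)` as received, next to `.data("networkGroupName", fromdb(json.name))`, while the instance and volume templates store `fromdb(json.account)` under the same key name. Code that compares or reuses the account value across tabs then sees two different encodings of the same field. Pick one form for data keys, preferably the decoded, unsanitized value with sanitizing done where HTML is built, and apply it here as well. The readers of these keys are outside the hunk.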


@ -35,10 +35,10 @@ function showStorageTab(domainId, targetTab) {
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++) {
if(isAdmin) {
poolZoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
hostZoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
poolZoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
hostZoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
}
volumeZoneSelect.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
volumeZoneSelect.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
}
}
if (isAdmin) {
@ -58,7 +58,7 @@ function showStorageTab(domainId, targetTab) {
if (offerings != null && offerings.length > 0) {
if (offerings != null && offerings.length > 0) {
for (var i = 0; i < offerings.length; i++)
volumeDiskOfferingSelect.append("<option value='" + offerings[i].id + "'>" + sanitizeXSS(offerings[i].displaytext) + "</option>");
volumeDiskOfferingSelect.append("<option value='" + offerings[i].id + "'>" + fromdb(offerings[i].displaytext) + "</option>");
}
}
}
@ -177,7 +177,7 @@ function showStorageTab(domainId, targetTab) {
});
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
template.slideUp("slow", function() {
$(this).remove();
});
@ -252,8 +252,8 @@ function showStorageTab(domainId, targetTab) {
template.data("vmname", getVmName(json.vmname, json.vmdisplayname));
template.data("vmstate", json.vmstate);
template.data("domainId", json.domainid);
template.data("account", sanitizeXSS(json.account));
template.data("volumeName", sanitizeXSS(json.name));
template.data("account", fromdb(json.account));
template.data("volumeName", fromdb(json.name));
template.data("vmid", json.virtualmachineid);
template.data("zoneId", json.zoneid);
@ -449,7 +449,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -509,7 +509,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -576,7 +576,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1052,7 +1052,7 @@ function showStorageTab(domainId, targetTab) {
// Failed
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1132,7 +1132,7 @@ function showStorageTab(domainId, targetTab) {
// Failed
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1209,7 +1209,7 @@ function showStorageTab(domainId, targetTab) {
if (result.jobstatus == 1) {
$("#dialog_info").html("<p>" + ((isPublic=="true")? "Public":"Private") + " template: " + name + " has been successfully created</p>").dialog("open");
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1275,7 +1275,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1508,7 +1508,7 @@ function showStorageTab(domainId, targetTab) {
rowContainer.show();
});
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
template.slideUp("slow", function() {
$(this).remove();
});
@ -1577,7 +1577,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1643,7 +1643,7 @@ function showStorageTab(domainId, targetTab) {
} else if (result.jobstatus == 2) {
loadingImg.hide();
rowContainer.show();
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
}
}
},
@ -1717,7 +1717,7 @@ function showStorageTab(domainId, targetTab) {
template.find("#row_container").addClass("smallrow_odd");
}
template.data("id", json.id).data("name", sanitizeXSS(json.name));
template.data("id", json.id).data("name", fromdb(json.name));
template.find("#pool_id").text(json.id);
template.find("#pool_name").text(json.name);
template.find("#pool_zone").text(json.zonename);
@ -1790,7 +1790,7 @@ function showStorageTab(domainId, targetTab) {
var podSelect = $("#dialog_add_pool").find("#pool_pod").empty();
if (pods != null && pods.length > 0) {
for (var i = 0; i < pods.length; i++) {
podSelect.append("<option value='" + pods[i].id + "'>" + sanitizeXSS(pods[i].name) + "</option>");
podSelect.append("<option value='" + pods[i].id + "'>" + fromdb(pods[i].name) + "</option>");
}
}
$("#dialog_add_pool").find("#pool_pod").change();
@ -2094,7 +2094,7 @@ function showStorageTab(domainId, targetTab) {
} else {
template.find("#row_container").addClass("smallrow_odd");
}
template.data("hostName", sanitizeXSS(json.name));
template.data("hostName", fromdb(json.name));
template.find("#storage_type").text(json.type);
template.find("#storage_name").text(json.name);
template.find("#storage_zone").text(json.zonename);


@ -73,8 +73,8 @@ function showTemplatesTab() {
var zones = json.listzonesresponse.zone;
if (zones != null && zones.length > 0) {
for (var i = 0; i < zones.length; i++) {
addTemplateZoneField.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
addIsoZoneField.append("<option value='" + zones[i].id + "'>" + sanitizeXSS(zones[i].name) + "</option>");
addTemplateZoneField.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
addIsoZoneField.append("<option value='" + zones[i].id + "'>" + fromdb(zones[i].name) + "</option>");
g_zoneIds.push(zones[i].id);
g_zoneNames.push(zones[i].name);
}
@ -87,7 +87,7 @@ function showTemplatesTab() {
if (g_zoneIds != null && g_zoneIds.length > 0) {
for (var i = 0; i < g_zoneIds.length; i++) {
if(g_zoneIds[i] != excludeZoneId)
zoneField.append("<option value='" + g_zoneIds[i] + "'>" + sanitizeXSS(g_zoneNames[i]) + "</option>");
zoneField.append("<option value='" + g_zoneIds[i] + "'>" + fromdb(g_zoneNames[i]) + "</option>");
}
}
}
@ -118,8 +118,8 @@ function showTemplatesTab() {
var templateServiceOfferingField = $("#dialog_create_vm_from_template #service_offering").empty();
var isoServiceOfferingField = $("#dialog_create_vm_from_iso #service_offering").empty();
for(var i = 0; i < items.length; i++) {
templateServiceOfferingField.append("<option value='" + items[i].id + "'>" + sanitizeXSS(items[i].name) + "</option>");
isoServiceOfferingField.append("<option value='" + items[i].id + "'>" + sanitizeXSS(items[i].name) + "</option>");
templateServiceOfferingField.append("<option value='" + items[i].id + "'>" + fromdb(items[i].name) + "</option>");
isoServiceOfferingField.append("<option value='" + items[i].id + "'>" + fromdb(items[i].name) + "</option>");
}
}
}
@ -137,8 +137,8 @@ function showTemplatesTab() {
var isoDiskOfferingField = $("#dialog_create_vm_from_iso #disk_offering").empty();
for(var i = 0; i < items.length; i++) {
templateDiskOfferingField.append("<option value='" + items[i].id + "'>" + sanitizeXSS(items[i].name) + "</option>");
isoDiskOfferingField.append("<option value='" + items[i].id + "'>" + sanitizeXSS(items[i].name) + "</option>");
templateDiskOfferingField.append("<option value='" + items[i].id + "'>" + fromdb(items[i].name) + "</option>");
isoDiskOfferingField.append("<option value='" + items[i].id + "'>" + fromdb(items[i].name) + "</option>");
}
}
@ -234,9 +234,9 @@ function showTemplatesTab() {
(index++ % 2 == 0)? template.addClass("dbsmallrow_odd"):template.addClass("dbsmallrow_even");
template.attr("id", "template"+json.id+"_zone"+json.zoneid);
template.data("templateId", json.id);
template.data("zoneId",sanitizeXSS(json.zoneid));
template.data("zoneName",sanitizeXSS(json.zonename));
template.data("name", sanitizeXSS(json.name));
template.data("zoneId",fromdb(json.zoneid));
template.data("zoneName",fromdb(json.zonename));
template.data("name", fromdb(json.name));
template.data("isPublic", json.ispublic);
template.data("isFeatured", json.isfeatured);
template.data("passwordEnabled", json.passwordenabled);
@ -420,7 +420,7 @@ function showTemplatesTab() {
that.slideUp("slow", function() { $(this).remove() });
changeGridRowsTotal($("#submenu_content_template").find("#grid_rows_total"), -1);
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
@ -497,13 +497,13 @@ function showTemplatesTab() {
} else {
$("body").stopTime(timerKey);
if (result.jobstatus == 1) {
$("#dialog_info").html("<p>Template download started (ID: <b>"+result.copytemplateresponse[0].id+"</b>, Zone: <b>"+sanitizeXSS(result.copytemplateresponse[0].zonename)+"</b>, Name: <b>"+sanitizeXSS(result.copytemplateresponse[0].name)+"</b>) . Check the progress...</p>").dialog("open");
$("#dialog_info").html("<p>Template download started (ID: <b>"+result.copytemplateresponse[0].id+"</b>, Zone: <b>"+fromdb(result.copytemplateresponse[0].zonename)+"</b>, Name: <b>"+fromdb(result.copytemplateresponse[0].name)+"</b>) . Check the progress...</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
$("#template_type").val("self");
$("#template_type").change();
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
@ -610,15 +610,15 @@ function showTemplatesTab() {
// Succeeded
var htmlMsg;
if (result.virtualmachine[0].passwordenabled == 'true')
htmlMsg = "Your instance from " + sanitizeXSS(name) + " has been successfully created. Your new password is : <b>" + result.virtualmachine[0].password + "</b> . Please change it as soon as you log into your new instance";
htmlMsg = "Your instance from " + fromdb(name) + " has been successfully created. Your new password is : <b>" + result.virtualmachine[0].password + "</b> . Please change it as soon as you log into your new instance";
else
htmlMsg = "Your instance from " + sanitizeXSS(name) + " has been successfully created.";
htmlMsg = "Your instance from " + fromdb(name) + " has been successfully created.";
$("#dialog_info").html(htmlMsg).dialog("open");
loadingImg.hide();
rowContainer.show();
} else if (result.jobstatus == 2) {
// Failed
$("#dialog_info").html("Unable to create your new instance from " + sanitizeXSS(name) + " due to the error: " + sanitizeXSS(result.jobresult)).dialog("open");
$("#dialog_info").html("Unable to create your new instance from " + fromdb(name) + " due to the error: " + fromdb(result.jobresult)).dialog("open");
loadingImg.hide();
rowContainer.show();
}
@ -804,9 +804,9 @@ function showTemplatesTab() {
}
template.data("isoId", json.id);
template.data("zoneId",sanitizeXSS(json.zoneid));
template.data("zoneName",sanitizeXSS(json.zonename));
template.data("name", sanitizeXSS(json.name));
template.data("zoneId",fromdb(json.zoneid));
template.data("zoneName",fromdb(json.zonename));
template.data("name", fromdb(json.name));
template.data("isPublic", json.ispublic);
template.find("#iso_id").text(json.id);
@ -928,7 +928,7 @@ function showTemplatesTab() {
that.slideUp("slow", function() { $(this).remove() });
changeGridRowsTotal($("#submenu_content_iso").find("#grid_rows_total"), -1);
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
@ -1009,13 +1009,13 @@ function showTemplatesTab() {
} else {
$("body").stopTime(timerKey);
if (result.jobstatus == 1) {
$("#dialog_info").html("<p>ISO download started (ID: <b>"+result.copytemplateresponse[0].id+"</b>, Zone: <b>"+sanitizeXSS(result.copytemplateresponse[0].zonename)+"</b>, Name: <b>"+sanitizeXSS(result.copytemplateresponse[0].name)+"</b>) . Check the progress...</p>").dialog("open");
$("#dialog_info").html("<p>ISO download started (ID: <b>"+result.copytemplateresponse[0].id+"</b>, Zone: <b>"+fromdb(result.copytemplateresponse[0].zonename)+"</b>, Name: <b>"+fromdb(result.copytemplateresponse[0].name)+"</b>) . Check the progress...</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
currentPage=1; //refresh the whole ISO grid until Keshav changes copyIso to return the newly created ISO.
listIsos();
} else if (result.jobstatus == 2) {
$("#dialog_alert").html("<p>" + sanitizeXSS(result.jobresult) + "</p>").dialog("open");
$("#dialog_alert").html("<p>" + fromdb(result.jobresult) + "</p>").dialog("open");
loadingImg.hide();
rowContainer.show();
}
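Review bot: The `.html()` and `.append("<option …>")` calls in showTemplatesTab now concatenate `fromdb(...)` output straight into markup, where the old side passed the same values through `sanitizeXSS(...)`. `fromdb` is not defined on this page; if, as the commit title suggests, it decodes stored values back to raw characters, then zone, offering and template names and `result.jobresult` reach the DOM as HTML and the escaping is lost. Decoding for display is safe when the value is set as text, for example `$("<option>").attr("value", zones[i].id).text(fromdb(zones[i].name))` for the selects and `$("#dialog_alert").empty().append($("<p>").text(fromdb(result.jobresult)))` for the alerts. The `.data(...)` assignments are not HTML sinks on their own, but their values should be checked wherever they are later read back into `.html()`. showTemplatesTab starts and ends outside these hunks.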