Replace usage of .html(...) with .text(...) where possible;
Wrap input with fs.sanitize(...) where .html() must be used.
Change-Id: I39e20b6fb561b3a1801579ca6a86a5f94483e4a9
diff --git a/apps/faultmanagement/fmgui/src/main/resources/app/view/alarmTable/alarmTable.js b/apps/faultmanagement/fmgui/src/main/resources/app/view/alarmTable/alarmTable.js
index a742dae..20f8b84 100644
--- a/apps/faultmanagement/fmgui/src/main/resources/app/view/alarmTable/alarmTable.js
+++ b/apps/faultmanagement/fmgui/src/main/resources/app/view/alarmTable/alarmTable.js
@@ -9,15 +9,22 @@
var detailsReq = 'alarmTableDetailsRequest',
detailsResp = 'alarmTableDetailsResponse',
pName = 'ov-alarm-table-item-details-panel',
- propOrder = ['id', 'alarmDeviceId', 'alarmDesc', 'alarmSource', 'alarmTimeRaised', 'alarmTimeUpdated', 'alarmTimeCleared', 'alarmSeverity'],
- friendlyProps = ['Alarm Id', 'Device Id', 'Description', 'Source', 'Time Raised', 'Time Updated', 'Time Cleared', 'Severity'];
+ propOrder = [
+ 'id', 'alarmDeviceId', 'alarmDesc', 'alarmSource',
+ 'alarmTimeRaised', 'alarmTimeUpdated', 'alarmTimeCleared',
+ 'alarmSeverity'
+ ],
+ friendlyProps = [
+ 'Alarm Id', 'Device Id', 'Description', 'Source',
+ 'Time Raised', 'Time Updated', 'Time Cleared', 'Severity'
+ ];
function addProp(tbody, index, value) {
var tr = tbody.append('tr');
function addCell(cls, txt) {
- tr.append('td').attr('class', cls).html(txt);
+ tr.append('td').attr('class', cls).text(txt);
}
addCell('label', friendlyProps[index] + ' :');
addCell('value', value);