d4708/qBittorrent
1
0
Fork 0
mirror of https://github.com/d47081/qBittorrent.git synced 2025-01-22 20:44:15 +00:00
Code Issues Projects Releases Wiki Activity

Use proper method for manipulating text

Browse Source 
`innerText` is too powerful for the job here, use a more
restricted/secure way to manipulate text.

Related: #17211.
PR #17212.
This commit is contained in:
Chocobo1 2022-06-17 13:00:32 +08:00 committed by GitHub
parent d5e6d161f2
commit 3dd616f6ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/webui/www/private/scripts/download.js
View File

@ -106,7 +106,7 @@ window.qBittorrent.Download = (function() {
}
else {
item.nextElementSibling.hidden = true;
const text = item.options[item.selectedIndex].innerHTML;
const text = item.options[item.selectedIndex].textContent;
item.nextElementSibling.value = text;
if ($('autoTMM').selectedIndex == 1) {

4
src/webui/www/private/views/preferences.html
View File

@ -1374,7 +1374,7 @@
}
else {
item.nextElementSibling.hidden = true;
const text = item.options[item.selectedIndex].innerHTML;
const text = item.options[item.selectedIndex].textContent;
item.nextElementSibling.value = text;
}
};
@ -1397,7 +1397,7 @@
$('cb_watch_' + pos).setProperty('value', sel);
if (disableInput) {
const elt = $('cb_watch_' + pos);
other = elt.options[elt.selectedIndex].innerHTML;
other = elt.options[elt.selectedIndex].textContent;
}
$('cb_watch_txt_' + pos).setProperty('value', other);

6
src/webui/www/private/views/rssDownloader.html
View File

@ -682,7 +682,7 @@ Supports the formats: S01E01, 1x1, 2017.12.31 and 31.12.2017 (Date formats also
$('savetoDifferentDir').checked = false;
$('saveToText').value = '';
$('ignoreDaysValue').value = 0;
$('lastMatchText').innerHTML = 'QBT_TR(Last Match: Unknown)QBT_TR[CONTEXT=AutomatedRssDownloader]';
$('lastMatchText').textContent = 'QBT_TR(Last Match: Unknown)QBT_TR[CONTEXT=AutomatedRssDownloader]';
$('addPausedCombobox').value = 'default';
$('contentLayoutCombobox').value = 'Default';
rssDownloaderFeedSelectionTable.clear();
@ -724,10 +724,10 @@ Supports the formats: S01E01, 1x1, 2017.12.31 and 31.12.2017 (Date formats also
if (rulesList[ruleName].lastMatch !== '') {
let timeDiffInMs = new Date().getTime() - new Date(rulesList[ruleName].lastMatch).getTime();
let daysAgo = Math.floor(timeDiffInMs / (1000 * 60 * 60 * 24)).toString();
$('lastMatchText').innerHTML = ' QBT_TR(Last Match: %1 days ago)QBT_TR[CONTEXT=AutomatedRssDownloader]'.replace('%1', daysAgo);
$('lastMatchText').textContent = ' QBT_TR(Last Match: %1 days ago)QBT_TR[CONTEXT=AutomatedRssDownloader]'.replace('%1', daysAgo);
}
else {
$('lastMatchText').innerHTML = 'QBT_TR(Last Match: Unknown)QBT_TR[CONTEXT=AutomatedRssDownloader]';
$('lastMatchText').textContent = 'QBT_TR(Last Match: Unknown)QBT_TR[CONTEXT=AutomatedRssDownloader]';
}
if (rulesList[ruleName].addPaused === null)

4
src/webui/www/public/scripts/login.js
View File

@ -48,11 +48,11 @@ function submitLoginForm() {
if ((xhr.status === 200) && (xhr.responseText === "Ok."))
location.reload(true);
else
errorMsgElement.innerHTML = 'QBT_TR(Invalid Username or Password.)QBT_TR[CONTEXT=HttpServer]';
errorMsgElement.textContent = 'QBT_TR(Invalid Username or Password.)QBT_TR[CONTEXT=HttpServer]';
}
});
xhr.addEventListener('error', function() {
errorMsgElement.innerHTML = (xhr.responseText !== "")
errorMsgElement.textContent = (xhr.responseText !== "")
? xhr.responseText
: 'QBT_TR(Unable to log in, qBittorrent is probably unreachable.)QBT_TR[CONTEXT=HttpServer]';
});