github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-19 01:57:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

updated so that the Filename was properely escaped in Javascript so that it shows up correctly in the report to fix issue #91

Browse Source 
Former-commit-id: ec161508db21c0a3d1f4f6f4130e5fdc63d9b367
This commit is contained in:
Jeremy Long
2014-03-16 04:13:43 -04:00
parent 44326cd8c1
commit cbb705c367
2 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-core/src/main/resources/templates/HtmlReport.vsl
View File

@@ -586,7 +586,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#end
#if ($id.type=="cpe")
##yes, we are HTML Encoding into JavaScript... the escape utils don't have a JS Encode and I haven't written one yet
&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileName)', '$esc.html($dependency.Sha1sum)', 'cpe', '$esc.html($id.value)')">suppress</button>
&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileNameForJavaScript)', '$esc.html($dependency.Sha1sum)', 'cpe', '$esc.html($id.value)')">suppress</button>
#end
#if ($id.description)
<br/>$esc.html($id.description)
@@ -602,7 +602,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
<div id="content$cnt" class="subsectioncontent standardsubsection">
#foreach($vuln in $dependency.getVulnerabilities())
#set($vsctr=$vsctr+1)
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$esc.url($vuln.name)">$esc.html($vuln.name)</a></b>&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileName)', '$esc.html($dependency.Sha1sum)', 'cve', '$esc.html($vuln.name)')">suppress</button></p>
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$esc.url($vuln.name)">$esc.html($vuln.name)</a></b>&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileNameForJavaScript)', '$esc.html($dependency.Sha1sum)', 'cve', '$esc.html($vuln.name)')">suppress</button></p>
<p>Severity:
#if ($vuln.cvssScore<4.0)
Low