Skip to content

Commit

Permalink
Merge pull request from GHSA-fxwm-rx68-p5vx
Browse files Browse the repository at this point in the history
  • Loading branch information
adamwojs authored Nov 25, 2021
1 parent a5c8333 commit b6a0c93
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,12 @@ export default class EzBtnCustomTagUpdate extends EzWidgetButton {
*/
createAttributes() {
return Object.keys(this.attributes).reduce(
(total, attr) => `${total}<p>${this.attributes[attr].label}: ${this.state.values[attr].value}</p>`,
(total, attr) => {
const label = this.attributes[attr].label;
const value = window.eZ.helpers.text.escapeHTML(this.state.values[attr].value);

return `${total}<p>${label}: ${value}</p>`;
},
''
);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,7 @@ const customTagBaseDefinition = {
return;
}
const attributes = Object.keys(customTagConfig.attributes).reduce((total, attr) => {
const value = this.getConfig(attr);
const value = global.eZ.helpers.text.escapeHTML(this.getConfig(attr));

return `${total}<p>${customTagConfig.attributes[attr].label}: ${value}</p>`;
}, '');
Expand Down

0 comments on commit b6a0c93

Please sign in to comment.