From e08ebd2390ad81bcf7d63c200de85eddbf80bcd6 Mon Sep 17 00:00:00 2001 From: Ludovic Marcotte Date: Tue, 16 Jul 2013 11:31:08 -0400 Subject: [PATCH] Fix for bugs #2368 and #2369 --- SoObjects/Appointments/SOGoAptMailNotification.m | 7 ++++++- UI/MailPartViewers/UIxMailPartICalViewer.m | 3 ++- UI/MailerUI/UIxMailListActions.m | 4 ++-- UI/Templates/Appointments/SOGoAptMailInvitation.wox | 4 ++-- UI/WebServerResources/SchedulerUI.js | 4 ++-- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/SoObjects/Appointments/SOGoAptMailNotification.m b/SoObjects/Appointments/SOGoAptMailNotification.m index 026137cc0..0d0db981e 100644 --- a/SoObjects/Appointments/SOGoAptMailNotification.m +++ b/SoObjects/Appointments/SOGoAptMailNotification.m @@ -140,9 +140,14 @@ return newEndDate; } +- (NSString *) location +{ + return [[apt location] stringByEscapingHTMLString]; +} + - (NSString *) summary { - return [apt summary]; + return [[apt summary] stringByEscapingHTMLString]; } - (void) setOrganizerName: (NSString *) theString diff --git a/UI/MailPartViewers/UIxMailPartICalViewer.m b/UI/MailPartViewers/UIxMailPartICalViewer.m index 66259a2bf..f377234db 100644 --- a/UI/MailPartViewers/UIxMailPartICalViewer.m +++ b/UI/MailPartViewers/UIxMailPartICalViewer.m @@ -1,6 +1,7 @@ /* Copyright (C) 2004-2005 SKYRIX Software AG - + Copyright (C) 2006-2013 Inverse inc. + This file is part of SOGo. SOGo is free software; you can redistribute it and/or modify it under diff --git a/UI/MailerUI/UIxMailListActions.m b/UI/MailerUI/UIxMailListActions.m index e9142ede4..e766321e9 100644 --- a/UI/MailerUI/UIxMailListActions.m +++ b/UI/MailerUI/UIxMailListActions.m @@ -753,7 +753,7 @@ // To to = [[message objectForKey: @"envelope"] to]; if ([to count] > 0) - [msg addObject: [addressFormatter stringForArray: to]]; + [msg addObject: [[addressFormatter stringForArray: to] stringByEscapingHTMLString]]; else [msg addObject: @""]; @@ -778,7 +778,7 @@ // From from = [[message objectForKey: @"envelope"] from]; if ([from count] > 0) - [msg addObject: [addressFormatter stringForArray: from]]; + [msg addObject: [[addressFormatter stringForArray: from] stringByEscapingHTMLString]]; else [msg addObject: @""]; diff --git a/UI/Templates/Appointments/SOGoAptMailInvitation.wox b/UI/Templates/Appointments/SOGoAptMailInvitation.wox index b5af75331..8efa43197 100644 --- a/UI/Templates/Appointments/SOGoAptMailInvitation.wox +++ b/UI/Templates/Appointments/SOGoAptMailInvitation.wox @@ -24,9 +24,9 @@ h1, dd, .dl-list dt { margin-left: 130px; }
-
-
+
- diff --git a/UI/WebServerResources/SchedulerUI.js b/UI/WebServerResources/SchedulerUI.js index e518cd6c8..eecc04510 100644 --- a/UI/WebServerResources/SchedulerUI.js +++ b/UI/WebServerResources/SchedulerUI.js @@ -748,14 +748,14 @@ function onViewEventCallback(http) { para = $(paras[1]); if (data["calendar"].length) { // Remove owner email from calendar's name - para.down("SPAN", 1).update(data["calendar"].replace(/ \<.*\>/, "")); + para.down("SPAN", 1).update(data["calendar"].escapeHTML()); para.show(); } else para.hide(); para = $(paras[2]); if (data["location"].length) { - para.down("SPAN", 1).update(data["location"]); + para.down("SPAN", 1).update(data["location"].escapeHTML()); para.show(); } else para.hide();