ui(admin): better handling of manual HTML rendering

This commit is contained in:
Matthew Penner 2024-04-11 10:47:00 -06:00
parent b1fa3927c1
commit 0dad4c5a48
No known key found for this signature in database
3 changed files with 30 additions and 12 deletions

View File

@ -109,6 +109,12 @@ $('#pEggId').on('change', function (event) {
), ),
}); });
function escapeHtml(str) {
var div = document.createElement('div');
div.appendChild(document.createTextNode(str));
return div.innerHTML;
}
const variableIds = {}; const variableIds = {};
$('#appendVariablesTo').html(''); $('#appendVariablesTo').html('');
$.each(_.get(objectChain, 'variables', []), function (i, item) { $.each(_.get(objectChain, 'variables', []), function (i, item) {
@ -117,11 +123,11 @@ $('#pEggId').on('change', function (event) {
let isRequired = (item.required === 1) ? '<span class="label label-danger">Required</span> ' : ''; let isRequired = (item.required === 1) ? '<span class="label label-danger">Required</span> ' : '';
let dataAppend = ' \ let dataAppend = ' \
<div class="form-group col-sm-6"> \ <div class="form-group col-sm-6"> \
<label for="var_ref_' + item.id + '" class="control-label">' + isRequired + item.name + '</label> \ <label for="var_ref_' + escapeHtml(item.id) + '" class="control-label">' + isRequired + escapeHtml(item.name) + '</label> \
<input type="text" id="var_ref_' + item.id + '" autocomplete="off" name="environment[' + item.env_variable + ']" class="form-control" value="' + item.default_value + '" /> \ <input type="text" id="var_ref_' + escapeHtml(item.id) + '" autocomplete="off" name="environment[' + escapeHtml(item.env_variable) + ']" class="form-control" value="' + escapeHtml(item.default_value) + '" /> \
<p class="text-muted small">' + item.description + '<br /> \ <p class="text-muted small">' + escapeHtml(item.description) + '<br /> \
<strong>Access in Startup:</strong> <code>{{' + item.env_variable + '}}</code><br /> \ <strong>Access in Startup:</strong> <code>{{' + escapeHtml(item.env_variable) + '}}</code><br /> \
<strong>Validation Rules:</strong> <code>' + item.rules + '</code></small></p> \ <strong>Validation Rules:</strong> <code>' + escapeHtml(item.rules) + '</code></small></p> \
</div> \ </div> \
'; ';
$('#appendVariablesTo').append(dataAppend); $('#appendVariablesTo').append(dataAppend);

View File

@ -145,14 +145,20 @@
@section('footer-scripts') @section('footer-scripts')
@parent @parent
<script> <script>
function escapeHtml(str) {
var div = document.createElement('div');
div.appendChild(document.createTextNode(str));
return div.innerHTML;
}
(function getInformation() { (function getInformation() {
$.ajax({ $.ajax({
method: 'GET', method: 'GET',
url: '/admin/nodes/view/{{ $node->id }}/system-information', url: '/admin/nodes/view/{{ $node->id }}/system-information',
timeout: 5000, timeout: 5000,
}).done(function (data) { }).done(function (data) {
$('[data-attr="info-version"]').html(data.version); $('[data-attr="info-version"]').html(escapeHtml(data.version));
$('[data-attr="info-system"]').html(data.system.type + ' (' + data.system.arch + ') <code>' + data.system.release + '</code>'); $('[data-attr="info-system"]').html(escapeHtml(data.system.type) + ' (' + escapeHtml(data.system.arch) + ') <code>' + escapeHtml(data.system.release) + '</code>');
$('[data-attr="info-cpus"]').html(data.system.cpus); $('[data-attr="info-cpus"]').html(data.system.cpus);
}).fail(function (jqXHR) { }).fail(function (jqXHR) {

View File

@ -107,6 +107,12 @@
@parent @parent
{!! Theme::js('vendor/lodash/lodash.js') !!} {!! Theme::js('vendor/lodash/lodash.js') !!}
<script> <script>
function escapeHtml(str) {
var div = document.createElement('div');
div.appendChild(document.createTextNode(str));
return div.innerHTML;
}
$(document).ready(function () { $(document).ready(function () {
$('#pEggId').select2({placeholder: 'Select a Nest Egg'}).on('change', function () { $('#pEggId').select2({placeholder: 'Select a Nest Egg'}).on('change', function () {
var selectedEgg = _.isNull($(this).val()) ? $(this).find('option').first().val() : $(this).val(); var selectedEgg = _.isNull($(this).val()) ? $(this).find('option').first().val() : $(this).val();
@ -149,15 +155,15 @@
<div class="col-xs-12"> \ <div class="col-xs-12"> \
<div class="box"> \ <div class="box"> \
<div class="box-header with-border"> \ <div class="box-header with-border"> \
<h3 class="box-title">' + isRequired + item.name + '</h3> \ <h3 class="box-title">' + isRequired + escapeHtml(item.name) + '</h3> \
</div> \ </div> \
<div class="box-body"> \ <div class="box-body"> \
<input name="environment[' + item.env_variable + ']" class="form-control" type="text" id="egg_variable_' + item.env_variable + '" /> \ <input name="environment[' + escapeHtml(item.env_variable) + ']" class="form-control" type="text" id="egg_variable_' + escapeHtml(item.env_variable) + '" /> \
<p class="no-margin small text-muted">' + item.description + '</p> \ <p class="no-margin small text-muted">' + escapeHtml(item.description) + '</p> \
</div> \ </div> \
<div class="box-footer"> \ <div class="box-footer"> \
<p class="no-margin text-muted small"><strong>Startup Command Variable:</strong> <code>' + item.env_variable + '</code></p> \ <p class="no-margin text-muted small"><strong>Startup Command Variable:</strong> <code>' + escapeHtml(item.env_variable) + '</code></p> \
<p class="no-margin text-muted small"><strong>Input Rules:</strong> <code>' + item.rules + '</code></p> \ <p class="no-margin text-muted small"><strong>Input Rules:</strong> <code>' + escapeHtml(item.rules) + '</code></p> \
</div> \ </div> \
</div> \ </div> \
</div>'; </div>';