IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: form dropdown, escape autocomplete dropdown items, fixes #9089

Browse Source
This commit is contained in:
Torkel Ödegaard
2017-08-28 11:00:42 +02:00
parent e91cf28f8d
commit bf110d02d1
2 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
public/app/core/components/form_dropdown/form_dropdown.ts
View File

@@ -115,7 +115,9 @@ export class FormDropdownCtrl {
this.optionCache = options;
// extract texts
let optionTexts = _.map(options, 'text');
let optionTexts = _.map(options, op => {
return _.escape(op.text);
});
// add custom values
if (this.allowCustom) {

2
public/app/plugins/datasource/elasticsearch/query_def.js
View File

@@ -29,7 +29,7 @@ function (_) {
orderByOptions: [
{text: "Doc Count", value: '_count' },
{text: "Term value", value: '_term' },
{text: "Term value<script>alert('hello')</script>", value: '_term' },
],
orderOptions: [