LupusNobilis
/
sogo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix(addressbook(js)): sanitize fullname when using HTML

master
Francis Lachapelle 2021-10-05 08:31:53 -04:00
parent 7885932485
commit ffed88c069
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
UI/WebServerResources/js/Contacts/Card.service.js
View File

@ -38,10 +38,11 @@
* @desc The factory we'll use to register with Angular. * @desc The factory we'll use to register with Angular.
* @returns the Card constructor * @returns the Card constructor
*/ */
Card.$factory = ['$q', '$timeout', 'sgSettings', 'sgCard_STATUS', 'encodeUriFilter', 'Resource', 'Preferences', function($q, $timeout, Settings, Card_STATUS, encodeUriFilter, Resource, Preferences) { Card.$factory = ['$q', '$timeout', 'sgSettings', 'sgCard_STATUS', 'encodeUriFilter', 'linkyFilter', 'Resource', 'Preferences', function($q, $timeout, Settings, Card_STATUS, encodeUriFilter, linkyFilter, Resource, Preferences) {
angular.extend(Card, { angular.extend(Card, {
STATUS: Card_STATUS, STATUS: Card_STATUS,
encodeUri: encodeUriFilter, encodeUri: encodeUriFilter,
linky: linkyFilter,
$$resource: new Resource(Settings.activeUser('folderURL') + 'Contacts', Settings.activeUser()), $$resource: new Resource(Settings.activeUser('folderURL') + 'Contacts', Settings.activeUser()),
$q: $q, $q: $q,
$timeout: $timeout, $timeout: $timeout,
@ -334,28 +335,28 @@
}; };
Card.prototype.$fullname = function(options) { Card.prototype.$fullname = function(options) {
var fn = this.c_cn || '', html = options && options.html, email, names; var fn = Card.linky(this.c_cn) || '', html = options && options.html, email, names;
if (fn.length === 0) { if (fn.length === 0) {
names = []; names = [];
if (this.c_givenname && this.c_givenname.length > 0) if (this.c_givenname && this.c_givenname.length > 0)
names.push(this.c_givenname); names.push(Card.linky(this.c_givenname));
if (this.nickname && this.nickname.length > 0) if (this.nickname && this.nickname.length > 0)
names.push((html?'<em>':'') + this.nickname + (html?'</em>':'')); names.push((html?'<em>':'') + Card.linky(this.nickname) + (html?'</em>':''));
if (this.c_sn && this.c_sn.length > 0) if (this.c_sn && this.c_sn.length > 0)
names.push(this.c_sn); names.push(Card.linky(this.c_sn));
if (names.length > 0) if (names.length > 0)
fn = names.join(' '); fn = names.join(' ');
else if (this.org && this.org.length > 0) { else if (this.org && this.org.length > 0) {
fn = this.org; fn = Card.linky(this.org);
} }
else if (this.emails && this.emails.length > 0) { else if (this.emails && this.emails.length > 0) {
email = _.find(this.emails, function(i) { return i.value !== ''; }); email = _.find(this.emails, function(i) { return i.value !== ''; });
if (email) if (email)
fn = email.value; fn = Card.linky(email.value);
} }
} }
if (this.contactinfo) if (this.contactinfo)
fn += ' (' + this.contactinfo.split("\n").join("; ") + ')'; fn += ' (' + Card.linky(this.contactinfo.split("\n").join("; ")) + ')';
return fn; return fn;
}; };