composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-27 12:38:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°4355/1745 Prevent malformed caselog entries from breaking activity panel DOM

Browse Source
This commit is contained in:
Stephen Abello
2021-11-09 16:18:25 +01:00
parent 60a17c9a65
commit 395c9c288b
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
sources/application/UI/Base/Layout/ActivityPanel/ActivityEntry/ActivityEntryFactory.php
View File

@@ -83,11 +83,12 @@ class ActivityEntryFactory
$oUser = MetaModel::GetObject('User', $aOrmEntry['user_id'], false, true);
$sUserLogin = ($oUser === null) ? '' : $oUser->Get('login');
// We sanitize OrmEntry even if it's already sanitized: if the entry is somehow truncated or metadata are wrong we may break whole page DOM
$oEntry = new CaseLogEntry(
DateTime::createFromFormat(AttributeDateTime::GetInternalFormat(), $aOrmEntry['date']),
$sUserLogin,
$sAttCode,
$aOrmEntry['message_html'],
\HTMLSanitizer::Sanitize($aOrmEntry['message_html']),
$aOrmEntry['user_login']
);