mirror of
https://github.com/silverstripe/silverstripe-dms
synced 2024-10-22 14:05:56 +02:00
FIX Ensure actions panel keys and values have possible HTML escaped
This commit is contained in:
parent
45092dfb16
commit
0e84799f59
@ -1320,6 +1320,9 @@ class DMSDocument extends DataObject implements DMSDocumentInterface
|
|||||||
. '<ul>';
|
. '<ul>';
|
||||||
|
|
||||||
foreach ($this->actionTasks as $panelKey => $title) {
|
foreach ($this->actionTasks as $panelKey => $title) {
|
||||||
|
$panelKey = Convert::raw2xml($panelKey);
|
||||||
|
$title = Convert::raw2xml($title);
|
||||||
|
|
||||||
$html .= '<li class="ss-ui-button dmsdocument-action" data-panel="' . $panelKey . '">'
|
$html .= '<li class="ss-ui-button dmsdocument-action" data-panel="' . $panelKey . '">'
|
||||||
. _t('DMSDocument.ACTION_' . strtoupper($panelKey), $title)
|
. _t('DMSDocument.ACTION_' . strtoupper($panelKey), $title)
|
||||||
. '</li>';
|
. '</li>';
|
||||||
|
Loading…
Reference in New Issue
Block a user