From 1e9d99e4ac2582bad0353c70d972ad8967a48814 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Mon, 6 May 2024 10:30:26 +0300 Subject: [PATCH] Escape HTML chars (#1257) IB-8019 Signed-off-by: Raul Metsma --- client/dialogs/SignatureDialog.cpp | 2 +- client/dialogs/SignatureDialog.ui | 15 +++++++++++++++ client/widgets/AddressItem.cpp | 2 +- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/client/dialogs/SignatureDialog.cpp b/client/dialogs/SignatureDialog.cpp index da70e6730..69642bab5 100644 --- a/client/dialogs/SignatureDialog.cpp +++ b/client/dialogs/SignatureDialog.cpp @@ -111,7 +111,7 @@ SignatureDialog::SignatureDialog(const DigiDocSignature &signature, QWidget *par d->showErrors->show(); QString name = !c.isNull() ? c.toString(c.showCN() ? QStringLiteral("CN serialNumber") : QStringLiteral("GN SN serialNumber")) : s.signedBy(); - d->title->setText(QStringLiteral("%1 | %2%3").arg(name, style, status)); + d->title->setText(QStringLiteral("%1 | %2%3").arg(name.toHtmlEscaped(), style, status)); d->close->setFont(Styles::font(Styles::Condensed, 14)); connect(d->close, &QPushButton::clicked, this, &SignatureDialog::accept); diff --git a/client/dialogs/SignatureDialog.ui b/client/dialogs/SignatureDialog.ui index 39950c46c..86894f5e7 100644 --- a/client/dialogs/SignatureDialog.ui +++ b/client/dialogs/SignatureDialog.ui @@ -202,6 +202,9 @@ QScrollBar::sub-line:vertical { 31 + + Qt::PlainText + Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse @@ -231,6 +234,9 @@ QScrollBar::sub-line:vertical { 31 + + Qt::PlainText + Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse @@ -260,6 +266,9 @@ QScrollBar::sub-line:vertical { 31 + + Qt::PlainText + Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse @@ -289,6 +298,9 @@ QScrollBar::sub-line:vertical { 31 + + Qt::PlainText + true @@ -327,6 +339,9 @@ QScrollBar::sub-line:vertical { 300 + + Qt::PlainText + true diff --git a/client/widgets/AddressItem.cpp b/client/widgets/AddressItem.cpp index b472cbe1a..4cc51efc8 100644 --- a/client/widgets/AddressItem.cpp +++ b/client/widgets/AddressItem.cpp @@ -65,7 +65,7 @@ AddressItem::AddressItem(CKey k, QWidget *parent, bool showIcon) ui->key.cert.subjectInfo("GN").join(' ') + " " + ui->key.cert.subjectInfo("SN").join(' ') : ui->key.cert.subjectInfo("CN").join(' ')).toHtmlEscaped(); if(ui->label.isEmpty()) - ui->label = ui->key.recipient; + ui->label = ui->key.recipient.toHtmlEscaped(); setIdType(); showButton(AddressItem::Remove); }