projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
rt 4.0.6
[freeside.git]
/
FS
/
FS
/
Mason.pm
diff --git
a/FS/FS/Mason.pm
b/FS/FS/Mason.pm
index
6cc32bd
..
f6ad714
100644
(file)
--- a/
FS/FS/Mason.pm
+++ b/
FS/FS/Mason.pm
@@
-55,7
+55,7
@@
if ( -e $addl_handler_use_file ) {
#use CGI::Carp qw(fatalsToBrowser);
use CGI::Cookie;
#use CGI::Carp qw(fatalsToBrowser);
use CGI::Cookie;
- use List::Util qw( max min );
+ use List::Util qw( max min
sum
);
use Data::Dumper;
use Date::Format;
use Time::Local;
use Data::Dumper;
use Date::Format;
use Time::Local;
@@
-303,6
+303,7
@@
if ( -e $addl_handler_use_file ) {
use FS::discount_plan;
use FS::tower;
use FS::tower_sector;
use FS::discount_plan;
use FS::tower;
use FS::tower_sector;
+ use FS::contact_class;
# Sammath Naur
if ( $FS::Mason::addl_handler_use ) {
# Sammath Naur
if ( $FS::Mason::addl_handler_use ) {
@@
-546,6
+547,8
@@
sub mason_interps {
${$_[0]} =~ s/(['\\])/\\$1/g;
${$_[0]} =~ s/\r/\\r/g;
${$_[0]} =~ s/\n/\\n/g;
${$_[0]} =~ s/(['\\])/\\$1/g;
${$_[0]} =~ s/\r/\\r/g;
${$_[0]} =~ s/\n/\\n/g;
+ # prevent premature termination of the script
+ ${$_[0]} =~ s[</script>][<\\/script>]ig;
${$_[0]} = "'". ${$_[0]}. "'";
};
${$_[0]} = "'". ${$_[0]}. "'";
};
@@
-571,11
+574,13
@@
sub mason_interps {
[ 'freeside' => '%%%FREESIDE_DOCUMENT_ROOT%%%' ],
],
escape_flags => { 'h' => \&RT::Interface::Web::EscapeUTF8,
[ 'freeside' => '%%%FREESIDE_DOCUMENT_ROOT%%%' ],
],
escape_flags => { 'h' => \&RT::Interface::Web::EscapeUTF8,
+ 'u' => \&RT::Interface::Web::EscapeURI,
+ 'j' => \&RT::Interface::Web::EscapeJS,
'js_string' => $js_string_sub,
},
compiler => HTML::Mason::Compiler::ToObject->new(
default_escape_flags => 'h',
'js_string' => $js_string_sub,
},
compiler => HTML::Mason::Compiler::ToObject->new(
default_escape_flags => 'h',
- allow_globals => [qw(%session)],
+ allow_globals => [qw(%session
$DECODED_ARGS
)],
),
);
),
);