diff --git a/src/main/webapp/resources/js/downtime-report.js b/src/main/webapp/resources/js/downtime-report.js
index 31ad851..6329d64 100644
--- a/src/main/webapp/resources/js/downtime-report.js
+++ b/src/main/webapp/resources/js/downtime-report.js
@@ -260,7 +260,7 @@ jlab.doParetoChart = function () {
if (href) {
$(this).text("");
- $(this).append('' + label + '');
+ $(this).append('' + String(label).encodeXml() + '');
}
});
@@ -353,7 +353,7 @@ jlab.doRowChart = function () {
if (href) {
$(this).text("");
- $(this).append('' + label + '');
+ $(this).append('' + String(label).encodeXml() + '');
}
});
};
@@ -475,7 +475,7 @@ jlab.doPieChart = function () {
if (href) {
$(this).text("");
- $(this).append('' + label + ' ' + extra);
+ $(this).append('' + String(label).encodeXml() + ' ' + String(extra).encodeXml());
} else {
$(this).text(label + " " + extra);
}
diff --git a/src/main/webapp/resources/js/dtm.js b/src/main/webapp/resources/js/dtm.js
index 0eed4df..4d278a9 100644
--- a/src/main/webapp/resources/js/dtm.js
+++ b/src/main/webapp/resources/js/dtm.js
@@ -18,7 +18,7 @@ jlab.uploadRARFile = function(incidentId, form) {
promise.done(function(data){
$("#rar-link").empty();
- $("#rar-link").append('RAR Document');
+ $("#rar-link").append('RAR Document');
});
promise.fail(function(xhr, textStatus){
@@ -152,7 +152,7 @@ jlab.filterSystemListByCategory = function (categoryId, systemSelectSelector, ap
$select.append('');
}
$(data.optionList).each(function () {
- $select.append('');
+ $select.append('');
});
if (!keephidden) {
$select.slideDown();
diff --git a/src/main/webapp/resources/js/event-list.js b/src/main/webapp/resources/js/event-list.js
index d1a4155..1c1dd49 100644
--- a/src/main/webapp/resources/js/event-list.js
+++ b/src/main/webapp/resources/js/event-list.js
@@ -389,7 +389,7 @@ jlab.dtm.prepareIncidentFormForEdit = function (skipSystemListLoad) {
if (skipSystemListLoad === true) {
$("#system").empty();
- $("#system").append('');
+ $("#system").append('');
} else {
jlab.dtm.filterSystemSelect(systemId);
}
@@ -595,7 +595,7 @@ jlab.dtm.filterSystemSelect = function (setToSystemId) {
$("#system").empty();
$("#system").append('');
$(json.data).each(function () {
- $("#system").append('');
+ $("#system").append('');
});
if (json.data.length === 1) {
$("#system").val(json.data[0].id);
@@ -881,13 +881,13 @@ $(document).on("click", ".open-edit-expert-review-dialog-button", function () {
var experts = expertReviewerTsv.split("\t");
for(var e of experts) {
- $("#edit-expert-reviewers").append("
" + e + "
");
+ $("#edit-expert-reviewers").append("" + String(e).encodeXml() + "
");
}
$("#rar-link").empty();
if(rarExt !== '') {
- $("#rar-link").append('RAR Document');
+ $("#rar-link").append('RAR Document');
}
var $acknowledgedKey = $("#acknowledged-key");
@@ -1000,7 +1000,7 @@ $(document).on("click", ".explanation-link", function () {
$(".resolution-handle").remove();
var explanation = $(this).attr("data-explanation");
- $(this).append('Explanation:
' + explanation + '
');
+ $(this).append('Explanation:
' + String(explanation).encodeXml() + '
');
return false;
});
$(document).on("click", ".review-link", function () {
@@ -1028,13 +1028,13 @@ $(document).on("click", ".review-link", function () {
var experts = expertReviewerTsv.split("\t");
for(var e of experts) {
- $("#review-dialog-sys-reviewer").append("" + e + "
");
+ $("#review-dialog-sys-reviewer").append("" + String(e).encodeXml() + "
");
}
$("#review-dialog-rar-link").empty();
if(rarExt !== '') {
- $("#review-dialog-rar-link").append('RAR Document');
+ $("#review-dialog-rar-link").append('RAR Document');
}
$("#review-dialog").dialog("open");
diff --git a/src/main/webapp/resources/js/monthly-repair.js b/src/main/webapp/resources/js/monthly-repair.js
index 4b8b942..b17b5d2 100644
--- a/src/main/webapp/resources/js/monthly-repair.js
+++ b/src/main/webapp/resources/js/monthly-repair.js
@@ -30,7 +30,7 @@ jlab.getDataSource = function (bar) {
/*yvalue = parseFloat($("td." + jlab.flotSourceColumnClass, value).text().replace(/,/g, '')),*/
duration = parseFloat($("td:nth-child(3)", value).text().replace(/,/g, '')),
grouping = $("td:first-child", value).text(),
- id = $("td:first-child", value).attr("data-id"),
+ id = parseInt($("td:first-child", value).attr("data-id")),
series = dataMap[grouping] || {};
nameToIdMap[grouping] = id;
@@ -231,7 +231,7 @@ jlab.getDataSource = function (bar) {
}
if (includeCount) {
- rowStr = rowStr + '' + countMap[groupingNames[i]] + ' | ';
+ rowStr = rowStr + '' + String(countMap[groupingNames[i]]).encodeXml() + ' | ';
}
if (includeRate) {
rowStr = rowStr + '' + tripPerHourMap[groupingNames[i]].toFixed(1) + ' | ';
diff --git a/src/main/webapp/resources/js/run-compare.js b/src/main/webapp/resources/js/run-compare.js
index 95276f5..10e7662 100644
--- a/src/main/webapp/resources/js/run-compare.js
+++ b/src/main/webapp/resources/js/run-compare.js
@@ -118,7 +118,7 @@ $(document).on("click", "#add-selected-run-button", function(){
return;
}
- $("#run-list").append('' + label + ' ');
+ $("#run-list").append('' + String(label).encodeXml() + ' ');
$("#add-run-dialog").dialog("close");
});
diff --git a/src/main/webapp/resources/js/subsystem-expert.js b/src/main/webapp/resources/js/subsystem-expert.js
index cc676dd..df52bfa 100644
--- a/src/main/webapp/resources/js/subsystem-expert.js
+++ b/src/main/webapp/resources/js/subsystem-expert.js
@@ -62,7 +62,7 @@ jlab.dtm.deleteRow = function () {
};
jlab.dtm.addRow = function (expertId, username, first, last) {
- var $row = ("" + last + ", " + first + " (" + username + ") |
");
+ var $row = ("" + String(last).encodeXml() + ", " + String(first).encodeXml() + " (" + String(username).encodeXml() + ") |
");
$("#expert-table tbody").append($row);
};
diff --git a/src/main/webapp/resources/js/weekly-repair.js b/src/main/webapp/resources/js/weekly-repair.js
index 6b1a85c..2b0b6c6 100644
--- a/src/main/webapp/resources/js/weekly-repair.js
+++ b/src/main/webapp/resources/js/weekly-repair.js
@@ -29,7 +29,7 @@ jlab.prepareIncidentFormForEdit = function(skipSystemListLoad) {
if (skipSystemListLoad === true) {
$("#system").empty();
- $("#system").append('');
+ $("#system").append('');
} else {
jlab.dtm.filterSystemSelect(systemId);
}