Fixes request #32629: XSS in the card field of the agile dashboard apps
Tried to keep the changes within the scope of the security issue. The template engine of hybrids is a bit abused but it is still better than before. A future contribution might want to consider removing angular completely from @tuleap/plugin-agiledashboard-card-fields.

This change also fixes the display of the legacy colors for selectbox using them.

Change-Id: I301ed6a72c324054a490605e881646bf317316fb
Modified Files
Status | Name | Added | Removed
---|---|---|---
M | plugins/agiledashboard/scripts/lib/card-fields/package.json | +3 | −4
M | plugins/agiledashboard/scripts/lib/card-fields/pnpm-lock.yaml | +9 | −7
M | plugins/agiledashboard/scripts/lib/card-fields/src/card-fields-service.js | +64 | −43
M | plugins/agiledashboard/scripts/lib/card-fields/src/card-fields.tpl.html | +1 | −1
A | plugins/agiledashboard/scripts/lib/card-fields/src/highlight-filter-template.test.ts | +205 | −0
A | plugins/agiledashboard/scripts/lib/card-fields/src/highlight-filter-template.ts | +46 | −0
M | plugins/agiledashboard/scripts/lib/card-fields/src/highlight-filter.js | +9 | −16
M | plugins/agiledashboard/scripts/lib/card-fields/src/index.js | +1 | −2
M | plugins/agiledashboard/scripts/lib/card-fields/vite.config.ts | +2 | −3