Skip to content

Commit

Permalink
Merge pull request #990 from bitovi/notifications-text
Browse files Browse the repository at this point in the history
Escape text in notifications + bump node version
  • Loading branch information
arm4b authored Oct 6, 2022
2 parents 14d0e95 + 9dcaa31 commit 7bd9b7b
Show file tree
Hide file tree
Showing 6 changed files with 11 additions and 4 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ Changed

Reported by @cded from @Bitovi


Fixed
~~~~~
* Fixed CircleCI tests
Expand All @@ -27,6 +28,10 @@ Fixed

Contributed by @luislobo

* Escaped text in notifications. #990

Contributed by @cded from @Bitovi


v2.4.3
------
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:14.20.0
FROM node:14.20.1

# Create app directory
WORKDIR /opt/stackstorm/static/webui/st2web
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile-dev
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:14.20.0
FROM node:14.20.1

# Create app directory
WORKDIR /opt/stackstorm/static/webui/st2web
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile-nginx
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:14.20.0 as build
FROM node:14.20.1 as build

# Create app directory
WORKDIR /opt/stackstorm/static/webui/st2web
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile-nginx-dev
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:14.20.0 as build
FROM node:14.20.1 as build

# Create app directory
WORKDIR /opt/stackstorm/static/webui/st2web
Expand Down
2 changes: 2 additions & 0 deletions modules/st2-notification/notification.js
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
const escapeHtml = require('escape-html');

const Noty = (function() {
// don't include this during testing
Expand Down Expand Up @@ -43,6 +44,7 @@ export class Notification {
}

notify(type, text, { buttons = [], err, execution_id, ...options } = {}) {
text = escapeHtml(text);
if (err) {
let expanded = !!execution_id;
let stack = null;
Expand Down

0 comments on commit 7bd9b7b

Please sign in to comment.