Alexander Wels has posted comments on this change. Change subject: webadmin: unescape cell tooltips string values ......................................................................
Patch Set 2: My concern with this setup is can we 100% guarantee that the string coming in is trusted? Aka it did not come from user input? I would image that something like this would guarantee proper functioning: return new HTML(SafeHtmlUtils.htmlEscapeAllowEntities(value.asString())).getText(); -- To view, visit http://gerrit.ovirt.org/19018 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I2da6812694737c212352afda48fa9a50e97f8d60 Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alexander Wels <aw...@redhat.com> Gerrit-Reviewer: Alexander Wels <aw...@redhat.com> Gerrit-Reviewer: Daniel Erez <de...@redhat.com> Gerrit-Reviewer: Einav Cohen <eco...@redhat.com> Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com> Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
