Home Explore Help
Register Sign In
wangjunyun
/
Dcat-Admin
mirror of https://gitee.com/jqhph/dcat-admin.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #414 from youyingxiang/master

xss问题
Jiang Qinghua 4 years ago
parent
277b6936ee 668c353521
commit
2d8cccdca9
1 changed files with 2 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      src/Grid/Tools/RowSelector.php

+ 2 - 1
src/Grid/Tools/RowSelector.php
View File 

@@ -64,10 +64,11 @@ HTML;
 
     public function renderColumn($row, $id)
 
     {
 
         $this->setupScript();
 
+        $title = e($this->getTitle($row, $id));
 
 
         return <<<EOT
 
 <div class="vs-checkbox-con vs-checkbox-{$this->style} checkbox-grid">
 
-    <input type="checkbox" class="{$this->grid->getRowName()}-checkbox" data-id="{$id}" data-label="{$this->getTitle($row, $id)}">
 
+    <input type="checkbox" class="{$this->grid->getRowName()}-checkbox" data-id="{$id}" data-label="{$title}">
 
     <span class="vs-checkbox"><span class="vs-checkbox--check"><i class="vs-icon feather icon-check"></i></span></span>
 
 </div>        
 EOT;