Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2024-10-01 01:26:01 -04:00
Code Issues Packages Projects Releases Wiki Activity

Properly HTML-escape strings with user-defined contents in message boxes (#247)

Browse Source 
* Properly HTML-escape strings with user-defined contents in message boxes, resolves #236

* Also escape group names in EditWidget title
This commit is contained in:
Janek Bevendorff 2017-02-06 20:23:51 +01:00 committed by Jonathan White
parent 7e4592c1e7
commit 75eb0c6951
4 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/gui/DatabaseTabWidget.cpp
View File

@ -246,7 +246,7 @@ bool DatabaseTabWidget::closeDatabase(Database* db)
QMessageBox::StandardButton result = QMessageBox::StandardButton result =
MessageBox::question( MessageBox::question(
this, tr("Close?"), this, tr("Close?"),
tr("\"%1\" is in edit mode.\nDiscard changes and close anyway?").arg(dbName), tr("\"%1\" is in edit mode.\nDiscard changes and close anyway?").arg(dbName.toHtmlEscaped()),
QMessageBox::Discard | QMessageBox::Cancel, QMessageBox::Cancel); QMessageBox::Discard | QMessageBox::Cancel, QMessageBox::Cancel);
if (result == QMessageBox::Cancel) { if (result == QMessageBox::Cancel) {
return false; return false;
@ -262,7 +262,7 @@ bool DatabaseTabWidget::closeDatabase(Database* db)
QMessageBox::StandardButton result = QMessageBox::StandardButton result =
MessageBox::question( MessageBox::question(
this, tr("Save changes?"), this, tr("Save changes?"),
tr("\"%1\" was modified.\nSave changes?").arg(dbName), tr("\"%1\" was modified.\nSave changes?").arg(dbName.toHtmlEscaped()),
QMessageBox::Yes | QMessageBox::Discard | QMessageBox::Cancel, QMessageBox::Yes); QMessageBox::Yes | QMessageBox::Discard | QMessageBox::Cancel, QMessageBox::Yes);
if (result == QMessageBox::Yes) { if (result == QMessageBox::Yes) {
if (!saveDatabase(db)) { if (!saveDatabase(db)) {

6
src/gui/DatabaseWidget.cpp
View File

@ -341,7 +341,7 @@ void DatabaseWidget::deleteEntries()
result = MessageBox::question( result = MessageBox::question(
this, tr("Delete entry?"), this, tr("Delete entry?"),
tr("Do you really want to delete the entry \"%1\" for good?") tr("Do you really want to delete the entry \"%1\" for good?")
.arg(selectedEntries.first()->title()), .arg(selectedEntries.first()->title().toHtmlEscaped()),
QMessageBox::Yes | QMessageBox::No); QMessageBox::Yes | QMessageBox::No);
} }
else { else {
@ -365,7 +365,7 @@ void DatabaseWidget::deleteEntries()
result = MessageBox::question( result = MessageBox::question(
this, tr("Move entry to recycle bin?"), this, tr("Move entry to recycle bin?"),
tr("Do you really want to move entry \"%1\" to the recycle bin?") tr("Do you really want to move entry \"%1\" to the recycle bin?")
.arg(selectedEntries.first()->title()), .arg(selectedEntries.first()->title().toHtmlEscaped()),
QMessageBox::Yes | QMessageBox::No); QMessageBox::Yes | QMessageBox::No);
} }
else { else {
@ -532,7 +532,7 @@ void DatabaseWidget::deleteGroup()
QMessageBox::StandardButton result = MessageBox::question( QMessageBox::StandardButton result = MessageBox::question(
this, tr("Delete group?"), this, tr("Delete group?"),
tr("Do you really want to delete the group \"%1\" for good?") tr("Do you really want to delete the group \"%1\" for good?")
.arg(currentGroup->name()), .arg(currentGroup->name().toHtmlEscaped()),
QMessageBox::Yes | QMessageBox::No); QMessageBox::Yes | QMessageBox::No);
if (result == QMessageBox::Yes) { if (result == QMessageBox::Yes) {
delete currentGroup; delete currentGroup;

7
src/gui/entry/EditEntryWidget.cpp
View File

@ -271,14 +271,15 @@ void EditEntryWidget::loadEntry(Entry* entry, bool create, bool history, const Q
m_history = history; m_history = history;
if (history) { if (history) {
setHeadline(QString("%1 > %2").arg(parentName, tr("Entry history"))); setHeadline(QString("%1 > %2").arg(parentName.toHtmlEscaped(), tr("Entry history")));
} }
else { else {
if (create) { if (create) {
setHeadline(QString("%1 > %2").arg(parentName, tr("Add entry"))); setHeadline(QString("%1 > %2").arg(parentName.toHtmlEscaped(), tr("Add entry")));
} }
else { else {
setHeadline(QString("%1 > %2 > %3").arg(parentName, entry->title(), tr("Edit entry"))); setHeadline(QString("%1 > %2 > %3").arg(parentName.toHtmlEscaped(),
entry->title().toHtmlEscaped(), tr("Edit entry")));
} }
} }

3
src/http/Service.cpp
View File

@ -480,7 +480,8 @@ void Service::updateEntry(const QString &, const QString &uuid, const QString &l
//ShowNotification(QString("%0: You have an entry change prompt waiting, click to activate").arg(requestId)); //ShowNotification(QString("%0: You have an entry change prompt waiting, click to activate").arg(requestId));
if ( HttpSettings::alwaysAllowUpdate() if ( HttpSettings::alwaysAllowUpdate()
|| QMessageBox::warning(0, tr("KeePassXC: Update Entry"), || QMessageBox::warning(0, tr("KeePassXC: Update Entry"),
tr("Do you want to update the information in %1 - %2?").arg(QUrl(url).host()).arg(u), tr("Do you want to update the information in %1 - %2?")
.arg(QUrl(url).host().toHtmlEscaped()).arg(u.toHtmlEscaped()),
QMessageBox::Yes|QMessageBox::No) == QMessageBox::Yes ) { QMessageBox::Yes|QMessageBox::No) == QMessageBox::Yes ) {
entry->beginUpdate(); entry->beginUpdate();
entry->setUsername(login); entry->setUsername(login);