Skip to content

E
em
Commit 53b801df by Kim Gyeongeun
Options

#58992 #3. XSS(保存型)の影響を受ける可能性がある

parent fb780ee2
Showing with 5 additions and 4 deletions
src/main/webapp/WEB-INF/view/admin/member/memberList.html
......@@ -58,9 +58,9 @@
#foreach($member in $memberList)
<tr #if($velocityCount % 2 == 0) class="white dot_line" #else class="gray" #end>
<td><a href="#q('/admin/member/memberEdit?memberId=')${member.memberId}">$!member.memberId</a></td>
<td>$!member.loginId</td>
<td>#he($!member.loginId)</td>
<td>$!escape.html($!member.name1) $!escape.html($!member.name2)</td>
<td>$!member.mail</td>
<td>#he($!member.mail)</td>
##<td>$!member.birthDay</td>
<td class="t_center">$!tools.addSlashDate($!member.birthDay)</td>
<td>$!escape.html($!member.address1) $!escape.html($!member.address2)</td>
......
src/main/webapp/WEB-INF/view/admin/setting/adminRegist.html
......@@ -7,8 +7,9 @@
<script language="JavaScript" type="text/JavaScript">
<!--
function goAdminList(){
location.href="#q('/admin/setting/adminSearch/search/')${pageNo}";
function goAdminList(){
var adminListPageNo = '#he("$!{pageNo}")';
location.href="#q('/admin/setting/adminSearch/search/')" + adminListPageNo;
}
-->
</script>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment