odoo/controllers at 7c54c54f9f121091ef418cb5e37999f8bcbc12be - odoo

odoo

History

Simon Lejeune 08604812d8 [FIX] Report: html escape the error json string session.get_file appends the json to the body of the generated iframe and then tries to json.parse it by reading contentNode on the body. Exceptions from `report_download` method may contain `<` and `>`, so when json.parse tries to json.parse the contentNode, it reads only a part of the original json string. htmlescaping the json string solves the issue by preventing the content of the json string to be interpreted as html.	2014-12-12 16:04:31 +01:00
..
__init__.py	[IMP] Added the default controller for the generic html reports (reports not needing data to be preprocessed)	2014-02-12 19:00:25 +01:00
main.py	[FIX] Report: html escape the error json string	2014-12-12 16:04:31 +01:00

Simon Lejeune 08604812d8 [FIX] Report: html escape the error json string

session.get_file appends the json to the body of the generated iframe and
then tries to json.parse it by reading contentNode on the body.
Exceptions from `report_download` method may contain `<` and `>`, so when
json.parse tries to json.parse the contentNode, it reads only a part of
the original json string. htmlescaping the json string solves the issue
by preventing the content of the json string to be interpreted as html.

2014-12-12 16:04:31 +01:00

__init__.py

[IMP] Added the default controller for the generic html reports (reports not needing data to be preprocessed)

2014-02-12 19:00:25 +01:00

main.py

[FIX] Report: html escape the error json string

2014-12-12 16:04:31 +01:00