Skip to content

N
nexpie-grafana-theme
Commit 13f0b32a by utkarshcmu
Options

Added sanitizer to help text

parent 034d8435
Showing with 18 additions and 1 deletions
public/app/features/panel/panel_menu.js
......@@ -9,7 +9,7 @@ function (angular, $, _, Tether) {
angular
.module('grafana.directives')
.directive('panelMenu', function($compile, linkSrv) {
.directive('panelMenu', function($sanitize, $compile, linkSrv) {
var linkTemplate =
'<span class="panel-title drag-handle pointer">' +
'<span class="icon-gf panel-alert-icon"></span>' +
......@@ -19,6 +19,16 @@ function (angular, $, _, Tether) {
'<span class="panel-time-info" ng-show="ctrl.timeInfo"><i class="fa fa-clock-o"></i> {{ctrl.timeInfo}}</span>' +
'</span>';
function sanitizeString(str) {
try {
return $sanitize(str);
}
catch(err) {
console.log('Could not sanitize annotation string, html escaping instead');
return _.escape(str);
}
}
function createExternalLinkMenu(ctrl) {
var template = '<div class="panel-menu small">';
template += '<div class="panel-menu-row">';
......@@ -79,6 +89,7 @@ function (angular, $, _, Tether) {
var $link = $(linkTemplate);
var $panelLinksBtn = $link.find(".panel-links-btn");
var $panelContainer = elem.parents(".panel-container");
var $panelHelpDrop = $link.find(".panel-help-text");
var menuScope = null;
var ctrl = $scope.ctrl;
var timeout = null;
......@@ -93,6 +104,12 @@ function (angular, $, _, Tether) {
$panelLinksBtn.css({display: showIcon ? 'inline' : 'none'});
});
$scope.$watch('ctrl.panel.helpText', function(helpText) {
helpText = sanitizeString(helpText);
var showIcon = (helpText ? helpText.length > 0 : false) && ctrl.panel.title !== '';
$panelHelpDrop.css({display: showIcon ? 'inline' : 'none'});
});
function dismiss(time, force) {
clearTimeout(timeout);
timeout = null;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment