|
18-02-2012, 15:58
|
#1 |
|
EG BestOF
Join Date: Jun 2008
Posts: 268
|
New bug found in Manager
If I find a bug this year, assuming the world still exists, will I get another gift if one is shipped out at Christmas?
 That aside, I have found another bug. Home >Dedicated servers>Services>Management of your installation templates (BETA) You can create a template with a ' character in it. This causes issues with the html for the web page (you cannot click on the edit/delete buttons). The issue is that the web page uses ' for onclick= (in this case AjaxDelete) Code:
onclick="AjaxDelete('Greg's server')"
1: escape the name Code:
onclick="AjaxDelete('Greg\'s server')"
1 is easy and a minor change to your backend 2 would be a major pain. I verified that the first option worked by editing the HTML (chrome browser ftw!) and changing 'Greg's server' to 'Greg\'s server' which allowed me to edit, delete etc the template. Offending code: Code:
<img src="images/icons/small/delete.gif" alt="delete the template" title="delete" style="cursor: pointer; border-color: initial; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-color: initial; border-image: initial; padding-top: 2px; padding-right: 2px; padding-bottom: 2px; padding-left: 2px; " onmouseover="mouseOver(this)" onmouseout="mouseOut(this)" onclick="AjaxDelete('Greg's server')" ovhtr:qtlid_src="250844" ovhtr:qtlid_alt="256539" ovhtr:qtlid_title="256551">
|
|
|
|
25-08-2012, 10:27
|
#2 |
|
EG BestOF
Join Date: Jun 2008
Posts: 268
|
Re: New bug found in Manager
I note that after almost 7 months that this bug still exists.
I know that the feature is in beta but the bug could be a showstopper, or even an exploit vector. |
|
|
|
 |
| Thread Tools | |
|
|
