From ccadcdb60633527c87b8e2c21cc283a0400c4d4f Mon Sep 17 00:00:00 2001
From: juanf <juanf>
Date: Fri, 12 Jan 2018 09:45:33 +0000
Subject: [PATCH] SSDM-6056 : Fix several issues

SVN: 39096
---
 .../eln-lims/1/as/webapps/eln-lims/html/js/util/FormUtil.js | 2 +-
 .../eln-lims/html/js/views/DataSetForm/DataSetFormView.js   | 4 +++-
 .../html/js/views/ExperimentForm/ExperimentFormView.js      | 5 +++--
 .../eln-lims/html/js/views/SampleForm/SampleFormView.js     | 6 ++++--
 .../html/js/views/SampleForm/widgets/CommentsView.js        | 1 +
 5 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/util/FormUtil.js b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/util/FormUtil.js
index f44e5b5fd97..b01023d0775 100644
--- a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/util/FormUtil.js
+++ b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/util/FormUtil.js
@@ -629,8 +629,8 @@ var FormUtil = new function() {
 		if(text) {
 			text = text.replace(/(?:\r\n|\r|\n)/g, '\n'); //Normalise carriage returns
 		}
+		$component.html(html.sanitize(text));
 		
-		$component.html(text);
 		if(id) {
 			$component.attr('id', id);
 		}
diff --git a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/DataSetForm/DataSetFormView.js b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/DataSetForm/DataSetFormView.js
index de6fd04523f..8eeca2f9540 100644
--- a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/DataSetForm/DataSetFormView.js
+++ b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/DataSetForm/DataSetFormView.js
@@ -60,7 +60,9 @@ function DataSetFormView(dataSetFormController, dataSetFormModel) {
 		var entityPath = FormUtil.getFormPath(spaceCode, projectCode, experimentCode, null, null, sampleCode, sampleIdentifier, datasetCodeAndPermId);
 		
 		var nameLabel = this._dataSetFormModel.dataSet.properties[profile.propertyReplacingCode];
-		if(!nameLabel) {
+		if(nameLabel) {
+			nameLabel = html.sanitize(nameLabel);
+		} else {
 			nameLabel = this._dataSetFormModel.dataSet.code;
 		}
 		
diff --git a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/ExperimentForm/ExperimentFormView.js b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/ExperimentForm/ExperimentFormView.js
index b82e46d5dfd..2963624187d 100644
--- a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/ExperimentForm/ExperimentFormView.js
+++ b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/ExperimentForm/ExperimentFormView.js
@@ -41,11 +41,12 @@ function ExperimentFormView(experimentFormController, experimentFormModel) {
 		//
 		var $formTitle = $("<div>");
 		var nameLabel = this._experimentFormModel.experiment.properties[profile.propertyReplacingCode];
-		if(!nameLabel) {
+		if(nameLabel) {
+			nameLabel = html.sanitize(nameLabel);
+		} else {
 			nameLabel = this._experimentFormModel.experiment.code;
 		}
 		
-		
 		var spaceCode = this._experimentFormModel.experiment.identifier.split("/")[1];
 		var projectCode = this._experimentFormModel.experiment.identifier.split("/")[2];
 		var experimentCode = (this._experimentFormModel.mode !== FormMode.CREATE)?this._experimentFormModel.experiment.identifier.split("/")[3]:null;
diff --git a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/SampleFormView.js b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/SampleFormView.js
index ee13e2355be..68e9fc8b2e7 100644
--- a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/SampleFormView.js
+++ b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/SampleFormView.js
@@ -74,7 +74,9 @@ function SampleFormView(sampleFormController, sampleFormModel) {
 		
 		var $formTitle = $("<div>");
 		var nameLabel = this._sampleFormModel.sample.properties[profile.propertyReplacingCode];
-		if(!nameLabel) {
+		if(nameLabel) {
+			nameLabel = html.sanitize(nameLabel);
+		} else {
 			nameLabel = this._sampleFormModel.sample.code;
 		}
 		
@@ -558,7 +560,7 @@ function SampleFormView(sampleFormController, sampleFormModel) {
 		} else {
 			$legend.remove();
 		}
-			
+		
 		var propertyGroupPropertiesOnForm = 0;
 		for(var j = 0; j < propertyTypeGroup.propertyTypes.length; j++) {
 			var propertyType = propertyTypeGroup.propertyTypes[j];
diff --git a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/widgets/CommentsView.js b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/widgets/CommentsView.js
index 4884bbcad58..7a814ac411e 100644
--- a/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/widgets/CommentsView.js
+++ b/openbis_standard_technologies/dist/core-plugins/eln-lims/1/as/webapps/eln-lims/html/js/views/SampleForm/widgets/CommentsView.js
@@ -99,6 +99,7 @@ function CommentsView(commentsController, commentsModel) {
 		$saveButton.click(function() {
 			//Save Value
 			value = $textBox.val();
+			value = html.sanitize(value);
 			_this._commentsController.addNewComment(value);
 			//Remove New Comment Box
 			$textBoxGroup.remove();
-- 
GitLab