MIME-Version: 1.0
Date: Mon, 18 Apr 2016 15:21:18 +0530
Message-ID: 
 <CACCA4P3b2MskMggrE=GiL5_MNhGPfaMr1u1u-XvsYHvNOuF+aA@mail.gmail.com>
Subject: [pgAdmin4][patch]: String evaluation issue
From: Neel Patel <neel.patel@enterprisedb.com>
To: pgadmin-hackers <pgadmin-hackers@postgresql.org>
Content-Type: multipart/mixed; boundary=001a114dca1060a2a60530bf4dd9
Precedence: bulk
Sender: pgadmin-hackers-owner@postgresql.org

--001a114dca1060a2a60530bf4dd9
Content-Type: multipart/alternative; boundary=001a114dca1060a2a20530bf4dd7

--001a114dca1060a2a20530bf4dd7
Content-Type: text/plain; charset=UTF-8

Hi,

Please find attached patch file containing the fix for the below issue.
This issue is reported by Dave during the debugger code review and we have
removed the same issue from other files where we used.

*Issue :- *

When we use below string to form the error message then it will not work
because Jinja will evaluate the string " + err.errormsg + " before it gets
evaluated as JS by the browser.

           *alertify.error("{{ _('" + err.errormsg + "') }}");*


Do review it and let us know for any comments.

Thanks,
Neel Patel

--001a114dca1060a2a20530bf4dd7
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hi,<div><br></div><div>Please find attached patch file con=
taining the fix for the below issue.</div><div>This issue is reported by Da=
ve during the debugger code review and we have removed the same issue from =
other files where we used.</div><div><br></div><div><b>Issue :-=C2=A0</b></=
div><div><b><br></b></div><div>When we use below string to form the error m=
essage then it will not work because Jinja will evaluate the string &quot; =
+ err.errormsg + &quot; before it gets evaluated as JS by the browser.</div=
><div><br></div><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<b>alertify.e=
rror(&quot;{{ _(&#39;&quot; + err.errormsg + &quot;&#39;) }}&quot;);</b><br=
></div><div><br></div><div><br></div><div>Do review it and let us know for =
any comments.</div><div><br></div><div>Thanks,</div><div>Neel Patel</div><d=
iv><br></div></div>

--001a114dca1060a2a20530bf4dd7--

--001a114dca1060a2a60530bf4dd9
Content-Type: application/octet-stream; name="string_evaluate.patch"
Content-Disposition: attachment; filename="string_evaluate.patch"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_in5tj7o00

ZGlmZiAtLWdpdCBhL3dlYi9wZ2FkbWluL2Jyb3dzZXIvc2VydmVyX2dyb3Vw
cy9zZXJ2ZXJzL2RhdGFiYXNlcy9jYXN0cy90ZW1wbGF0ZXMvY2FzdC9qcy9j
YXN0cy5qcyBiL3dlYi9wZ2FkbWluL2Jyb3dzZXIvc2VydmVyX2dyb3Vwcy9z
ZXJ2ZXJzL2RhdGFiYXNlcy9jYXN0cy90ZW1wbGF0ZXMvY2FzdC9qcy9jYXN0
cy5qcwppbmRleCA2OTBhNmQ1Li4wZWM2ZmZlIDEwMDY0NAotLS0gYS93ZWIv
cGdhZG1pbi9icm93c2VyL3NlcnZlcl9ncm91cHMvc2VydmVycy9kYXRhYmFz
ZXMvY2FzdHMvdGVtcGxhdGVzL2Nhc3QvanMvY2FzdHMuanMKKysrIGIvd2Vi
L3BnYWRtaW4vYnJvd3Nlci9zZXJ2ZXJfZ3JvdXBzL3NlcnZlcnMvZGF0YWJh
c2VzL2Nhc3RzL3RlbXBsYXRlcy9jYXN0L2pzL2Nhc3RzLmpzCkBAIC0yMTEs
OCArMjExLDcgQEAgZnVuY3Rpb24oJCwgXywgUywgcGdBZG1pbiwgcGdCcm93
c2VyLCBhbGVydGlmeSkgewogICAgICAgICAgICAgICAgICAgIHRyeSB7CiAg
ICAgICAgICAgICAgICAgICAgICB2YXIgZXJyID0gJC5wYXJzZUpTT04oeGhy
LnJlc3BvbnNlVGV4dCk7CiAgICAgICAgICAgICAgICAgICAgICBpZiAoZXJy
LnN1Y2Nlc3MgPT0gMCkgewotICAgICAgICAgICAgICAgICAgICAgICBtc2cg
PSBTKCd7eyBfKCcgKyBlcnIuZXJyb3Jtc2cgKyAnKX19JykudmFsdWUoKTsK
LSAgICAgICAgICAgICAgICAgICAgICAgYWxlcnRpZnkuZXJyb3IoInt7IF8o
JyIgKyBlcnIuZXJyb3Jtc2cgKyAiJykgfX0iKTsKKyAgICAgICAgICAgICAg
ICAgICAgICAgYWxlcnRpZnkuZXJyb3IoZXJyLmVycm9ybXNnKTsKICAgICAg
ICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICB9IGNhdGNo
IChlKSB7fQogICAgICAgICAgICAgICAgICB9CkBAIC0zMDYsNCArMzA1LDQg
QEAgZnVuY3Rpb24oJCwgXywgUywgcGdBZG1pbiwgcGdCcm93c2VyLCBhbGVy
dGlmeSkgewogCiAgIH0KICAgICByZXR1cm4gcGdCcm93c2VyLk5vZGVzWydj
b2xsLWNhc3QnXTsKLX0pOwpcIE5vIG5ld2xpbmUgYXQgZW5kIG9mIGZpbGUK
K30pOwpkaWZmIC0tZ2l0IGEvd2ViL3BnYWRtaW4vYnJvd3Nlci9zZXJ2ZXJf
Z3JvdXBzL3NlcnZlcnMvZGF0YWJhc2VzL3RlbXBsYXRlcy9kYXRhYmFzZXMv
anMvZGF0YWJhc2VzLmpzIGIvd2ViL3BnYWRtaW4vYnJvd3Nlci9zZXJ2ZXJf
Z3JvdXBzL3NlcnZlcnMvZGF0YWJhc2VzL3RlbXBsYXRlcy9kYXRhYmFzZXMv
anMvZGF0YWJhc2VzLmpzCmluZGV4IGE2YmZiOTAuLjA0MDhhNTIgMTAwNjQ0
Ci0tLSBhL3dlYi9wZ2FkbWluL2Jyb3dzZXIvc2VydmVyX2dyb3Vwcy9zZXJ2
ZXJzL2RhdGFiYXNlcy90ZW1wbGF0ZXMvZGF0YWJhc2VzL2pzL2RhdGFiYXNl
cy5qcworKysgYi93ZWIvcGdhZG1pbi9icm93c2VyL3NlcnZlcl9ncm91cHMv
c2VydmVycy9kYXRhYmFzZXMvdGVtcGxhdGVzL2RhdGFiYXNlcy9qcy9kYXRh
YmFzZXMuanMKQEAgLTE1MSwxMyArMTUxLDE4IEBAIGZ1bmN0aW9uKCQsIF8s
IFMsIHBnQWRtaW4sIHBnQnJvd3NlciwgQWxlcnRpZnkpIHsKICAgICAgICAg
ICAgICAgICAgICAgdC51bmxvYWQoaSk7CiAgICAgICAgICAgICAgICAgICAg
IHQuc2V0SW5vZGUoaSk7CiAgICAgICAgICAgICAgICAgICB9CisgICAgICAg
ICAgICAgICAgICBlbHNlIHsKKyAgICAgICAgICAgICAgICAgICAgdHJ5IHsK
KyAgICAgICAgICAgICAgICAgICAgICBBbGVydGlmeS5lcnJvcihyZXMuZXJy
b3Jtc2cpOworICAgICAgICAgICAgICAgICAgICB9IGNhdGNoIChlKSB7fQor
ICAgICAgICAgICAgICAgICAgICB0LnVubG9hZChpKTsKKyAgICAgICAgICAg
ICAgICAgIH0KICAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAg
IGVycm9yOiBmdW5jdGlvbih4aHIsIHN0YXR1cywgZXJyb3IpIHsKICAgICAg
ICAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICAgICAgIHZhciBl
cnIgPSAkLnBhcnNlSlNPTih4aHIucmVzcG9uc2VUZXh0KTsKICAgICAgICAg
ICAgICAgICAgICAgaWYgKGVyci5zdWNjZXNzID09IDApIHsKLSAgICAgICAg
ICAgICAgICAgICAgICBtc2cgPSBTKCd7eyBfKCcgKyBlcnIuZXJyb3Jtc2cg
KyAnKX19JykudmFsdWUoKTsKLSAgICAgICAgICAgICAgICAgICAgICBBbGVy
dGlmeS5lcnJvcigie3sgXygnIiArIGVyci5lcnJvcm1zZyArICInKSB9fSIp
OworICAgICAgICAgICAgICAgICAgICAgIEFsZXJ0aWZ5LmVycm9yKGVyci5l
cnJvcm1zZyk7CiAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAg
ICAgICAgIH0gY2F0Y2ggKGUpIHt9CiAgICAgICAgICAgICAgICAgICB0LnVu
bG9hZChpKTsKZGlmZiAtLWdpdCBhL3dlYi9wZ2FkbWluL2Jyb3dzZXIvc2Vy
dmVyX2dyb3Vwcy9zZXJ2ZXJzL3RlbXBsYXRlcy9zZXJ2ZXJzL3NlcnZlcnMu
anMgYi93ZWIvcGdhZG1pbi9icm93c2VyL3NlcnZlcl9ncm91cHMvc2VydmVy
cy90ZW1wbGF0ZXMvc2VydmVycy9zZXJ2ZXJzLmpzCmluZGV4IGY3ZTA5M2Iu
LjU0MjNlOTggMTAwNjQ0Ci0tLSBhL3dlYi9wZ2FkbWluL2Jyb3dzZXIvc2Vy
dmVyX2dyb3Vwcy9zZXJ2ZXJzL3RlbXBsYXRlcy9zZXJ2ZXJzL3NlcnZlcnMu
anMKKysrIGIvd2ViL3BnYWRtaW4vYnJvd3Nlci9zZXJ2ZXJfZ3JvdXBzL3Nl
cnZlcnMvdGVtcGxhdGVzL3NlcnZlcnMvc2VydmVycy5qcwpAQCAtODcsNyAr
ODcsNyBAQCBmdW5jdGlvbigkLCBfLCBTLCBwZ0FkbWluLCBwZ0Jyb3dzZXIs
IGFsZXJ0aWZ5KSB7CiAgICAgICAgICAgICAgICAgdHlwZTonREVMRVRFJywK
ICAgICAgICAgICAgICAgICBzdWNjZXNzOiBmdW5jdGlvbihyZXMpIHsKICAg
ICAgICAgICAgICAgICAgIGlmIChyZXMuc3VjY2VzcyA9PSAxKSB7Ci0gICAg
ICAgICAgICAgICAgICAgIGFsZXJ0aWZ5LnN1Y2Nlc3MoInt7IF8oJyIgKyBy
ZXMuaW5mbyArICInKSB9fSIpOworICAgICAgICAgICAgICAgICAgICBhbGVy
dGlmeS5zdWNjZXNzKHJlcy5pbmZvKTsKICAgICAgICAgICAgICAgICAgICAg
ZCA9IHQuaXRlbURhdGEoaSk7CiAgICAgICAgICAgICAgICAgICAgIHQucmVt
b3ZlSWNvbihpKTsKICAgICAgICAgICAgICAgICAgICAgZC5jb25uZWN0ZWQg
PSBmYWxzZTsKQEAgLTk5LDEzICs5OSwxOCBAQCBmdW5jdGlvbigkLCBfLCBT
LCBwZ0FkbWluLCBwZ0Jyb3dzZXIsIGFsZXJ0aWZ5KSB7CiAgICAgICAgICAg
ICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgb2JqLnRyaWdnZXIo
J3NlcnZlci1kaXNjb25uZWN0ZWQnLCBvYmosIGksIGQpOwogICAgICAgICAg
ICAgICAgICAgfQorICAgICAgICAgICAgICAgICAgZWxzZSB7CisgICAgICAg
ICAgICAgICAgICAgIHRyeSB7CisgICAgICAgICAgICAgICAgICAgICAgICBh
bGVydGlmeS5lcnJvcihyZXMuZXJyb3Jtc2cpOworICAgICAgICAgICAgICAg
ICAgICB9IGNhdGNoIChlKSB7fQorICAgICAgICAgICAgICAgICAgICB0LnVu
bG9hZChpKTsKKyAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAg
ICB9LAogICAgICAgICAgICAgICAgIGVycm9yOiBmdW5jdGlvbih4aHIsIHN0
YXR1cywgZXJyb3IpIHsKICAgICAgICAgICAgICAgICAgIHRyeSB7CiAgICAg
ICAgICAgICAgICAgICAgIHZhciBlcnIgPSAkLnBhcnNlSlNPTih4aHIucmVz
cG9uc2VUZXh0KTsKICAgICAgICAgICAgICAgICAgICAgaWYgKGVyci5zdWNj
ZXNzID09IDApIHsKLSAgICAgICAgICAgICAgICAgICAgICBtc2cgPSBTKCd7
eyBfKCcgKyBlcnIuZXJyb3Jtc2cgKyAnKX19JykudmFsdWUoKTsKLSAgICAg
ICAgICAgICAgICAgICAgICBhbGVydGlmeS5lcnJvcigie3sgXygnIiArIGVy
ci5lcnJvcm1zZyArICInKSB9fSIpOworICAgICAgICAgICAgICAgICAgICAg
IGFsZXJ0aWZ5LmVycm9yKGVyci5lcnJvcm1zZyk7CiAgICAgICAgICAgICAg
ICAgICAgIH0KICAgICAgICAgICAgICAgICAgIH0gY2F0Y2ggKGUpIHt9CiAg
ICAgICAgICAgICAgICAgICB0LnVubG9hZChpKTsK

--001a114dca1060a2a60530bf4dd9
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0


-- 
Sent via pgadmin-hackers mailing list (pgadmin-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers

--001a114dca1060a2a60530bf4dd9--