Browse Source

Properly html-escape labels

pull/1/head
Wladimir J. van der Laan 11 years ago
parent
commit
dedf83a19b
  1. 4
      src/qt/sendcoinsdialog.cpp
  2. 10
      src/qt/transactiondesc.cpp

4
src/qt/sendcoinsdialog.cpp

@ -9,7 +9,7 @@ @@ -9,7 +9,7 @@
#include <QMessageBox>
#include <QLocale>
#include <QDebug>
#include <QTextDocument>
SendCoinsDialog::SendCoinsDialog(QWidget *parent) :
QDialog(parent),
@ -71,7 +71,7 @@ void SendCoinsDialog::on_sendButton_clicked() @@ -71,7 +71,7 @@ void SendCoinsDialog::on_sendButton_clicked()
QStringList formatted;
foreach(const SendCoinsRecipient &rcp, recipients)
{
formatted.append(tr("<b>%1</b> to %2 (%3)").arg(BitcoinUnits::formatWithUnit(BitcoinUnits::BTC, rcp.amount), rcp.label, rcp.address));
formatted.append(tr("<b>%1</b> to %2 (%3)").arg(BitcoinUnits::formatWithUnit(BitcoinUnits::BTC, rcp.amount), Qt::escape(rcp.label), rcp.address));
}
QMessageBox::StandardButton retval = QMessageBox::question(this, tr("Confirm send coins"),

10
src/qt/transactiondesc.cpp

@ -134,7 +134,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx) @@ -134,7 +134,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx)
strHTML += _("<b>To:</b> ");
strHTML += HtmlEscape(address.ToString());
if (!wallet->mapAddressBook[address].empty())
strHTML += _(" (yours, label: ") + wallet->mapAddressBook[address] + ")";
strHTML += _(" (yours, label: ") + HtmlEscape(wallet->mapAddressBook[address]) + ")";
else
strHTML += _(" (yours)");
strHTML += "<br>";
@ -157,7 +157,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx) @@ -157,7 +157,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx)
strAddress = wtx.mapValue["to"];
strHTML += _("<b>To:</b> ");
if (wallet->mapAddressBook.count(strAddress) && !wallet->mapAddressBook[strAddress].empty())
strHTML += wallet->mapAddressBook[strAddress] + " ";
strHTML += HtmlEscape(wallet->mapAddressBook[strAddress]) + " ";
strHTML += HtmlEscape(strAddress) + "<br>";
}
@ -215,8 +215,8 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx) @@ -215,8 +215,8 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx)
{
strHTML += _("<b>To:</b> ");
if (wallet->mapAddressBook.count(address) && !wallet->mapAddressBook[address].empty())
strHTML += wallet->mapAddressBook[address] + " ";
strHTML += address.ToString();
strHTML += HtmlEscape(wallet->mapAddressBook[address]) + " ";
strHTML += HtmlEscape(address.ToString());
strHTML += "<br>";
}
}
@ -303,7 +303,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx) @@ -303,7 +303,7 @@ string TransactionDesc::toHTML(CWallet *wallet, CWalletTx &wtx)
if (ExtractAddress(vout.scriptPubKey, 0, address))
{
if (wallet->mapAddressBook.count(address) && !wallet->mapAddressBook[address].empty())
strHTML += wallet->mapAddressBook[address] + " ";
strHTML += HtmlEscape(wallet->mapAddressBook[address]) + " ";
strHTML += address.ToString();
}
strHTML = strHTML + " Amount=" + FormatMoney(vout.nValue);

Loading…
Cancel
Save