@sapui5/sap.ui.vbm 1.96.0 → 1.96.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/package.json +1 -1
  2. package/src/sap/ui/vbm/.library +1 -1
  3. package/src/sap/ui/vbm/Adapter.js +1 -1
  4. package/src/sap/ui/vbm/Adapter3D.js +1 -1
  5. package/src/sap/ui/vbm/Viewport.js +1 -1
  6. package/src/sap/ui/vbm/adapter3d/ModelHandler.js +1 -1
  7. package/src/sap/ui/vbm/adapter3d/ObjectFactory.js +1 -1
  8. package/src/sap/ui/vbm/adapter3d/PolygonHandler.js +1 -1
  9. package/src/sap/ui/vbm/adapter3d/SceneBuilder.js +3 -1
  10. package/src/sap/ui/vbm/adapter3d/VBIJSONParser.js +1 -1
  11. package/src/sap/ui/vbm/lib/sapscene.js +1 -1
  12. package/src/sap/ui/vbm/lib/saputilities.js +7 -7
  13. package/src/sap/ui/vbm/lib/sapvbi.js +1 -1
  14. package/src/sap/ui/vbm/library.js +2 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sapui5/sap.ui.vbm",
3
- "version": "1.96.0",
3
+ "version": "1.96.1",
4
4
  "description": "SAPUI5 Library sap.ui.vbm",
5
5
  "homepage": "https://sap.github.io/ui5-tooling/pages/SAPUI5/",
6
6
  "author": "SAP SE (https://www.sap.com)",
package/src/sap/ui/vbm/.library CHANGED
@@ -3,7 +3,7 @@
3
3
  <name>sap.ui.vbm</name>
4
4
  <vendor>SAP SE</vendor>
5
5
  <copyright>SAP UI development toolkit for HTML5 (SAPUI5) (c) Copyright 2009-2012 SAP AG. All rights reserved</copyright>
6
- <version>1.96.0</version>
6
+ <version>1.96.1</version>
7
7
 
8
8
  <documentation>SAP UI library: sap.ui.vbm</documentation>
9
9
 
package/src/sap/ui/vbm/Adapter.js CHANGED
@@ -23,7 +23,7 @@ sap.ui.define([
23
23
  * @param {string} [sId] id for the new control, generated automatically if no id is given
24
24
  * @param {object} [mSettings] initial settings for the new object
25
25
  * @author SAP SE
26
- * @version 1.96.0
26
+ * @version 1.96.1
27
27
  * @extends sap.ui.core.Element
28
28
  * @constructor
29
29
  * @public
package/src/sap/ui/vbm/Adapter3D.js CHANGED
@@ -42,7 +42,7 @@ sap.ui.define([
42
42
  * @param {string} [sId] id for the new control, generated automatically if no id is given
43
43
  * @param {object} [mSettings] initial settings for the new object
44
44
  * @author SAP SE
45
- * @version 1.96.0
45
+ * @version 1.96.1
46
46
  * @extends sap.ui.core.Element
47
47
  * @constructor
48
48
  * @public
package/src/sap/ui/vbm/Viewport.js CHANGED
@@ -24,7 +24,7 @@ sap.ui.define([
24
24
  *
25
25
  * @public
26
26
  * @author SAP SE
27
- * @version 1.96.0
27
+ * @version 1.96.1
28
28
  * @extends sap.ui.core.Control
29
29
  * @alias sap.ui.vbm.Viewport
30
30
  */
package/src/sap/ui/vbm/adapter3d/ModelHandler.js CHANGED
@@ -30,7 +30,7 @@ sap.ui.define([
30
30
  *
31
31
  * @private
32
32
  * @author SAP SE
33
- * @version 1.96.0
33
+ * @version 1.96.1
34
34
  * @alias sap.ui.vbm.adapter3d.ModelHandler
35
35
  */
36
36
  var ModelHandler = BaseObject.extend("sap.ui.vbm.adapter3d.ModelHandler", /** @lends sap.ui.vbm.adapter3d.ModelHandler.prototype */ {
package/src/sap/ui/vbm/adapter3d/ObjectFactory.js CHANGED
@@ -378,7 +378,7 @@ sap.ui.define([
378
378
  *
379
379
  * @private
380
380
  * @author SAP SE
381
- * @version 1.96.0
381
+ * @version 1.96.1
382
382
  * @alias sap.ui.vbm.adapter3d.ObjectFactory
383
383
  */
384
384
  var ObjectFactory = BaseObject.extend("sap.ui.vbm.adapter3d.ObjectFactory", /** @lends sap.ui.vbm.adapter3d.ObjectFactory.prototype */ {});
package/src/sap/ui/vbm/adapter3d/PolygonHandler.js CHANGED
@@ -33,7 +33,7 @@ sap.ui.define([
33
33
  *
34
34
  * @private
35
35
  * @author SAP SE
36
- * @version 1.96.0
36
+ * @version 1.96.1
37
37
  * @alias sap.ui.vbm.adapter3d.PolygonHandler
38
38
  */
39
39
  var PolygonHandler = BaseObject.extend("sap.ui.vbm.adapter3d.PolygonHandler", /** @lends sap.ui.vbm.adapter3d.PolygonHandler.prototype */ {
package/src/sap/ui/vbm/adapter3d/SceneBuilder.js CHANGED
@@ -47,7 +47,7 @@ sap.ui.define([
47
47
  *
48
48
  * @private
49
49
  * @author SAP SE
50
- * @version 1.96.0
50
+ * @version 1.96.1
51
51
  * @alias sap.ui.vbm.adapter3d.SceneBuilder
52
52
  */
53
53
  var SceneBuilder = BaseObject.extend("sap.ui.vbm.adapter3d.SceneBuilder", /** @lends sap.ui.vbm.adapter3d.SceneBuilder.prototype */ {
@@ -352,6 +352,8 @@ sap.ui.define([
352
352
 
353
353
  var iframe = document.createElement("iframe");
354
354
  iframe.style.visibility = "hidden";
355
+ // use sandbox attribute to disable script execution and all other suspicious activities in iframe as we cannot affectively escape input HTML.
356
+ iframe.sandbox = "allow-same-origin";
355
357
  iframe.width = width;
356
358
  iframe.height = height;
357
359
  document.body.appendChild(iframe);
package/src/sap/ui/vbm/adapter3d/VBIJSONParser.js CHANGED
@@ -57,7 +57,7 @@ sap.ui.define([
57
57
  *
58
58
  * @private
59
59
  * @author SAP SE
60
- * @version 1.96.0
60
+ * @version 1.96.1
61
61
  * @alias sap.ui.vbm.adapter3d.VBIJSONParser
62
62
  */
63
63
  var VBIJSONParser = BaseObject.extend("sap.ui.vbm.adapter3d.VBIJSONParser", /** @lends sap.ui.vbm.adapter3d.VBIJSONParser.prototype */ {
package/src/sap/ui/vbm/lib/sapscene.js CHANGED
@@ -3352,7 +3352,7 @@ VBI.GeoScene = function(target, mapmanager, maplayerstack) {
3352
3352
  }
3353
3353
  var sCopyright = scene.m_MapLayerStack.GetCopyright();
3354
3354
  if (sCopyright) {
3355
- scene.m_DivCopyright.innerHTML = sCopyright;
3355
+ scene.m_DivCopyright.innerHTML = jQuery.sap.encodeHTML(sCopyright);
3356
3356
  } else {
3357
3357
  scene.m_DivCopyright.style.paddingRight = 0;
3358
3358
  scene.m_DivCopyright.style.paddingLeft = 0;
package/src/sap/ui/vbm/lib/saputilities.js CHANGED
@@ -271,7 +271,7 @@ VBI.Utilities.CreateCaption = function(id, text, left, top, right, bottom, toolt
271
271
  }
272
272
 
273
273
  newElement.className = "vbi-2d-caption vbi-2d-common";
274
- newElement.innerHTML = text;
274
+ newElement.innerHTML = jQuery.sap.encodeHTML(text);
275
275
  return newElement;
276
276
  };
277
277
 
@@ -287,7 +287,7 @@ VBI.Utilities.CreateLabel = function(id, text, left, top, right, bottom, tooltip
287
287
  newElement.style.textAlign = VBI.Utilities.Align[align];
288
288
  newElement.style.title = tooltip;
289
289
  newElement.className = "vbi-2d-label vbi-2d-common";
290
- newElement.innerHTML = text;
290
+ newElement.innerHTML = jQuery.sap.encodeHTML(text);
291
291
  return newElement;
292
292
  };
293
293
 
@@ -304,7 +304,7 @@ VBI.Utilities.CreateLink = function(id, text, left, top, right, bottom, href, to
304
304
  newElement.className = "vbi-2d-link vbi-2d-common";
305
305
  newElement.href = href ? href : "javascrip" + "t:void(0)"; // separated to fool ESLint
306
306
  newElement.title = tooltip;
307
- newElement.innerHTML = text;
307
+ newElement.innerHTML = jQuery.sap.encodeHTML(text);
308
308
  return newElement;
309
309
  };
310
310
 
@@ -334,7 +334,7 @@ VBI.Utilities.CreateButton = function(id, text, left, top, right, bottom, toolti
334
334
  newElement.style.height = (bottom - top).toString() + "px";
335
335
  newElement.style.textAlign = VBI.Utilities.Align[align];
336
336
  newElement.className = "vbi-2d-button vbi-2d-common";
337
- newElement.innerHTML = text;
337
+ newElement.innerHTML = jQuery.sap.encodeHTML(text);
338
338
  newElement.title = tooltip;
339
339
  return newElement;
340
340
  };
@@ -391,7 +391,7 @@ VBI.Utilities.CreateDetailPhone = function(id, left, top, width, height, titlete
391
391
  title.setAttribute("role", sap.ui.core.AccessibleRole.Heading);
392
392
  title.id = id + "-window-title";
393
393
  title.className = "vbi-detail-title-phone";
394
- title.innerHTML = titletext;
394
+ title.innerHTML = jQuery.sap.encodeHTML(titletext);
395
395
  header.appendChild(title);
396
396
 
397
397
  // create the close.......................................................//
@@ -477,7 +477,7 @@ VBI.Utilities.CreateDetail = function(id, left, top, width, height, titletext, p
477
477
  title.setAttribute("role", sap.ui.core.AccessibleRole.Heading);
478
478
  title.id = id + "-window-title";
479
479
  title.className = "vbi-detail-title";
480
- title.innerHTML = titletext;
480
+ title.innerHTML = jQuery.sap.encodeHTML(titletext);
481
481
  header.appendChild(title);
482
482
 
483
483
  // create the close.......................................................//
@@ -602,7 +602,7 @@ VBI.Utilities.CreateLegend = function(id, top, titletext, padding, bClickRow) {
602
602
  title.setAttribute("role", sap.ui.core.AccessibleRole.Heading);
603
603
  title.id = id + "-title";
604
604
  title.className = "vbi-legend-title";
605
- title.innerHTML = titletext;
605
+ title.innerHTML = jQuery.sap.encodeHTML(titletext);
606
606
  header.appendChild(title);
607
607
 
608
608
  // create the content.....................................................//
package/src/sap/ui/vbm/lib/sapvbi.js CHANGED
@@ -106,7 +106,7 @@ sap.ui.define(function() {
106
106
  if (trace == null) {
107
107
  return;
108
108
  }
109
- VBI.m_Log = VBI.m_Log + text + "<br>";
109
+ VBI.m_Log = VBI.m_Log + jQuery.sap.encodeHTML(text) + "<br>";
110
110
  trace.innerHTML = VBI.m_Log;
111
111
  },
112
112
 
package/src/sap/ui/vbm/library.js CHANGED
@@ -20,7 +20,7 @@ sap.ui.define([
20
20
  * @namespace
21
21
  * @name sap.ui.vbm
22
22
  * @author SAP SE
23
- * @version 1.96.0
23
+ * @version 1.96.1
24
24
  * @public
25
25
  */
26
26
 
@@ -43,7 +43,7 @@ sap.ui.define([
43
43
  "sap.ui.vbm.ClusterBase", "sap.ui.vbm.ClusterTree", "sap.ui.vbm.ClusterGrid", "sap.ui.vbm.ClusterDistance", "sap.ui.vbm.Heatmap",
44
44
  "sap.ui.vbm.HeatPoint", "sap.ui.vbm.ClusterContainer", "sap.ui.vbm.Adapter", "sap.ui.vbm.Adapter3D"
45
45
  ],
46
- version: "1.96.0"
46
+ version: "1.96.1"
47
47
  });
48
48
 
49
49
  sap.ui.loader.config({