Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0056754Openbravo ERPA. Platformpublic2024-10-14 08:112024-11-10 22:44
Reporteralostale 
Assigned ToTriage Platform Base 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionPR25Q1 
Merge Request Statusapproved
Review Assigned To
OBNetwork customerGold
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0056754: broken layout in window title
DescriptionWhen opening a link to Openbravo backoffice if the title of a view contains some special characters the layout can be broken.
Steps To ReproduceTry to open some link like:

https://localhost:8080/openbravo/#%7Bst:0,bm:%5B%7BviewId:__X__,params:%7BtabTitle:__%3Cimg%20src=a%20onerr [^]
or=alert()%3E__%7D%7D%5D%7D
Proposed SolutionProperly treat/escape tab titles when rendering them.
Additional Information
TagsNo tags attached.
Relationships
depends on backport 0056994PR24Q4 closed Triage Platform Base broken layout in window title 
depends on backport 0056995PR24Q3.3 closed Triage Platform Base broken layout in window title 
depends on backport 0056996PR24Q2.5 closed Triage Platform Base broken layout in window title 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2024-10-14 08:11alostaleNew Issue
2024-10-14 08:11alostaleAssigned To => Triage Platform Base
2024-10-14 08:11alostaleOBNetwork customer => No
2024-10-14 08:11alostaleModules => Core
2024-10-14 08:11alostaleTriggers an Emergency Pack => No
2024-10-14 08:12alostaleOBNetwork customerNo => Gold
2024-11-03 16:30hgbotMerge Request Status => open
2024-11-03 16:30hgbotNote Added: 0171259
2024-11-05 18:53AugustoMauchStatusnew => scheduled
2024-11-10 22:44hgbotMerge Request Statusopen => approved
2024-11-10 22:44hgbotResolutionopen => fixed
2024-11-10 22:44hgbotStatusscheduled => closed
2024-11-10 22:44hgbotNote Added: 0171728
2024-11-10 22:44hgbotFixed in Version => PR25Q1
2024-11-10 22:44hgbotNote Added: 0171729

Notes
(0171259)
hgbot   
2024-11-03 16:30   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1420 [^]
(0171728)
hgbot   
2024-11-10 22:44   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1420 [^]
(0171729)
hgbot   
2024-11-10 22:44   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: 94841b88ee0e5ff8c4244a746d5246096ba98f2d
Author: Javier Armendáriz <j.armendariz@orisha.com>
Date: 10-11-2024 22:44:08
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/94841b88ee0e5ff8c4244a746d5246096ba98f2d [^]

Fixed ISSUE-56754: Fixed display of tab title and recent tab when title has invalid characters

---
M modules/org.openbravo.client.application/web/org.openbravo.client.application/js/utilities/ob-view-manager.js
M modules/org.openbravo.client.myob/web/org.openbravo.client.myob/js/ob-myopenbravo.js
---