From 5c5287ca21da04d9efa5058b200aa3df6aeb8305 Mon Sep 17 00:00:00 2001 From: Patrik Kernstock Date: Fri, 26 Sep 2025 04:04:45 +0200 Subject: [PATCH 1/2] Fixed wrong footer escaping --- data/web/js/build/013-mailcow.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/data/web/js/build/013-mailcow.js b/data/web/js/build/013-mailcow.js index f09098310..53e48d60a 100644 --- a/data/web/js/build/013-mailcow.js +++ b/data/web/js/build/013-mailcow.js @@ -22,8 +22,8 @@ $(document).ready(function() { $.notify({message: msg},{z_index: 20000, delay: auto_hide, type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}}); } - $(".generate_password").click(async function( event ) { - try { + $(".generate_password").click(async function( event ) { + try { var password_policy = await window.fetch("/api/v1/get/passwordpolicy", { method:'GET', cache:'no-cache' }); var password_policy = await password_policy.json(); random_passwd_length = password_policy.length; @@ -48,7 +48,7 @@ $(document).ready(function() { }) } $(".rot-enc").html(function(){ - return str_rot13($(this).html()) + return str_rot13($(this).text()) }); // https://stackoverflow.com/questions/4399005/implementing-jquerys-shake-effect-with-animate function shake(div,interval,distance,times) { @@ -125,7 +125,7 @@ $(document).ready(function() { } }); })(); - + // responsive tabs, scroll to opened tab $(document).on("shown.bs.collapse shown.bs.tab", function (e) { var target = $(e.target); @@ -409,4 +409,4 @@ function copyToClipboard(id) { // only works with https connections navigator.clipboard.writeText(copyText.value); mailcow_alert_box(lang.copy_to_clipboard, "success"); -} \ No newline at end of file +} From 702ed85dfd0747216da1b74fb535e58f8c19ca40 Mon Sep 17 00:00:00 2001 From: Patrik Kernstock Date: Fri, 26 Sep 2025 14:41:19 +0200 Subject: [PATCH 2/2] Fixed footer escaping --- data/web/inc/header.inc.php | 6 +++++- data/web/js/build/013-mailcow.js | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/data/web/inc/header.inc.php b/data/web/inc/header.inc.php index 9ab2ad174..d2ce6f3d0 100644 --- a/data/web/inc/header.inc.php +++ b/data/web/inc/header.inc.php @@ -62,7 +62,11 @@ if ($app_links_processed){ } } - +// Workaround to get text with
straight to twig. +// Using "nl2br" doesn't work with Twig as it would escape everything by default. +if (isset($UI_TEXTS["ui_footer"])) { + $UI_TEXTS["ui_footer"] = nl2br($UI_TEXTS["ui_footer"]); +} $globalVariables = [ 'mailcow_hostname' => getenv('MAILCOW_HOSTNAME'), diff --git a/data/web/js/build/013-mailcow.js b/data/web/js/build/013-mailcow.js index 53e48d60a..d897f23ea 100644 --- a/data/web/js/build/013-mailcow.js +++ b/data/web/js/build/013-mailcow.js @@ -48,7 +48,11 @@ $(document).ready(function() { }) } $(".rot-enc").html(function(){ - return str_rot13($(this).text()) + footer_html = $(this).html(); + footer_html = footer_html.replace(/</g, '<').replace(/>/g, '>') + .replace(/&/g, '&').replace(/&nzc;/g, '&') + .replace(/"/g, '"').replace(/'/g, "'"); + return str_rot13(footer_html) }); // https://stackoverflow.com/questions/4399005/implementing-jquerys-shake-effect-with-animate function shake(div,interval,distance,times) {