FSN#37533 BLOCK_START titel altijd HTML-safe maken

svn path=/Website/trunk/; revision=34786

APPL/MLD/mld_show_melding.asp

@@ -412,7 +412,7 @@ function parentButton()
 
 %></div><% // div.leftcontainer, de rest staat rechts
 
-    BLOCK_START("mldInfo", L("lcl_complain") + " "+ (mld_melding.prefix != null? mld_melding.prefix : "") + mld_key + (mld_melding.mld_onderwerp ? ": <span class='mldsubject'>" + safe.html(mld_melding.mld_onderwerp) + "</span>" : ""), { safe: false });
+    BLOCK_START("mldInfo", L("lcl_complain") + " "+ (mld_melding.prefix != null? mld_melding.prefix : "") + mld_key + (mld_melding.mld_onderwerp ? ": <span class='mldsubject'>" + safe.html(mld_melding.mld_onderwerp) + "</span>" : ""), { ishtmlsafe: true });
       if (mld_melding.behandel_key) {
           FCLTpersoonselector("sBehandel",
                               "sgBehandelaar",

APPL/PRS/prs_phonebook.asp

@@ -78,7 +78,7 @@ FCLTHeader.Requires({plugins:["jQuery", "kenmerk"],
     <div id="search">
       <form method="get" action="prs_phonebook_list.asp" target=workFrame name="u2" onsubmit='startSearch(1);return false'>
             <input type="hidden" name="user_key" value="<%=user_key%>">
-<%    BLOCK_START("searchtable", L("lcl_pb_filterblok") + " <span id='phonebookteaser'>" + S("prs_phonebook_info") + "</span>", { safe: false });%>
+<%    BLOCK_START("searchtable", L("lcl_pb_filterblok") + " <span id='phonebookteaser'>" + S("prs_phonebook_info") + "</span>", { ishtmlsafe: true });%>
         <tr>
           <td class="searchkolom1">
             <table><!-- x rijen, 2 kolommen: label + veld -->

APPL/RES/res_edit_objcat.asp

@@ -276,7 +276,7 @@ var new_item_key = 0;  // Globaal
           {
             if (first)
             {
-              BLOCK_START("resObj",L("lcl_res_objects") + " <a href='javascript:openLegenda()'><span class='fa fa-list-ul details' title='"+L("lcl_res_legenda")+"'></span></a>", { safe: false });
+              BLOCK_START("resObj",L("lcl_res_objects") + " <a href='javascript:openLegenda()'><span class='fa fa-list-ul details' title='"+L("lcl_res_legenda")+"'></span></a>", { ishtmlsafe: true });
 %>
               <tr>
                 <td>

APPL/SCF/scaffolding_search.inc

@@ -279,9 +279,9 @@ function scaffolding_search(model, scf_params)
         if ("estimated_rows" in model)
             est_title = " <em style='font-size:10px'>estimated {0} rows as of {1}</em>".format(model.estimated_rows, toDateTimeString(model.last_analyzed));
         else
-            est_title = " " + model.records_title;
+            est_title = " " + safe.html(model.records_title);
 
-        BLOCK_START("searchtable", L("lcl_filterblok") + est_title);
+        BLOCK_START("searchtable", L("lcl_filterblok") + est_title, { ishtmlsafe: true });
 
         if (scf_params.search.labels)
         {

APPL/Shared/iface.inc

@@ -120,7 +120,7 @@ function BLOCK_START(id, title, params) {
     if (__blockactive__) ERROR_NESTED_BLOCK_START_DETECTED;
         __blockactive__ = true;
 
-    if (params.safe !== false && title && title != " ") var safe_title = safe.html(title);
+    if (!params.ishtmlsafe && title && title != " ") var safe_title = safe.html(title);
 %><!-- BLOCK_START <%=id%> -->
 <div id="<%=id%>" class="fcltblock" <%=params.hidden? ' style="display:none"' : ''%>>
    <div class="fcltblockhead"><%=(safe_title || title)%>