From 88ec616559ee556f14f61c0dc8c4e6f3fd96fa01 Mon Sep 17 00:00:00 2001
From: Peter Mathis <peter.mathis@kombinat.at>
Date: Tue, 6 Dec 2022 15:18:45 +0100
Subject: [PATCH] fix(pat structure): fix escaped HTML in crumb and rename
 title.

---
 src/pat/structure/js/views/generic-popover.js | 5 ++++-
 src/pat/structure/js/views/table.js           | 3 ++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/pat/structure/js/views/generic-popover.js b/src/pat/structure/js/views/generic-popover.js
index b603d0afa..3580dde47 100644
--- a/src/pat/structure/js/views/generic-popover.js
+++ b/src/pat/structure/js/views/generic-popover.js
@@ -3,6 +3,7 @@ import _ from "underscore";
 import _t from "../../../../core/i18n-wrapper";
 import PopoverView from "../../../../core/ui/views/popover";
 import registry from "@patternslib/patternslib/src/core/registry";
+import utils from "@patternslib/patternslib/src/core/utils";
 
 export default PopoverView.extend({
     events: {
@@ -45,7 +46,9 @@ export default PopoverView.extend({
     getTemplateOptions: function () {
         const items = [];
         for (const item of this.app.selectedCollection.models) {
-            items.push(item.toJSON());
+            let _json = item.toJSON();
+            _json["Title"] = utils.escape_html(_json["Title"]);
+            items.push(_json);
         }
         return $.extend({}, true, this.options, {
             items: items,
diff --git a/src/pat/structure/js/views/table.js b/src/pat/structure/js/views/table.js
index 66a67364d..49961028e 100644
--- a/src/pat/structure/js/views/table.js
+++ b/src/pat/structure/js/views/table.js
@@ -11,6 +11,7 @@ import "../../../datatables/datatables";
 import "bootstrap/js/src/alert";
 import utils from "../../../../core/utils";
 import logging from "@patternslib/patternslib/src/core/logging";
+import patternslib_utils from "@patternslib/patternslib/src/core/utils";
 
 const log = logging.getLogger("pat-structure/table");
 
@@ -66,7 +67,7 @@ export default BaseView.extend({
         if (crumbs && crumbs.length) {
             const $crumbs = this.$(".fc-breadcrumbs a.crumb");
             _.each(crumbs, (crumb, idx) => {
-                $crumbs.eq(idx).html(crumb.title);
+                $crumbs.eq(idx).html(patternslib_utils.escape_html(crumb.title));
             });
         }
         this.trigger("context-info:set");