[#7534] - [imp] Adding manifest xml link to Update Sites Manager page
- Closed
- 24 Jul 2015
- Low
- Build: staging
- Easy Test
- # 7534
- Diff
- infograf768:update_sites
- Success The Travis CI build passed Details
User tests: Successful: Unsuccessful:
This improvement lets check easily if the xml is correct by displaying a link to its location under the site name.
After patch one should get:
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Priority | Medium | ⇒ | Low |
| Easy | No | ⇒ | Yes |
| Category | ⇒ | Components |
| Category | Components | ⇒ | Administration Components |
Added 
Might be a good idea.
Something like ?:
<td>
<label for="cb<?php echo $i; ?>">
<?php echo $item->update_site_name; ?>
<br /><span class="small"><a href="<?php echo $item->location; ?>" target="_blank">
<?php echo $this->escape($item->location); ?></a></span>
</label>
</td>
We do have a similar code for update
https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_installer/views/update/tmpl/default.php#L120-L122 where the link is not escaped
test good, for me 
Escaping the link when you use it as link doesn't make sense. But if you display it it makes sense. Your code looks fine and is the same like in com_installer where the display part is escaped as well
Escaping the link when you use it as link doesn't make sense
You are right. Thinking about it again, putting malicious content in that field would require the Super User to install an extension with a malicious update server URL. But if a hacker can get you to install their software on your server it's game over anyway. Brain fart. Please ignore me.
I had the same thought and came to same conclusion :)
Escaped display part. I guess this can now go RTC. Thanks for testing.
| Status | Pending | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2015-07-24 06:33:18 |
| Closed_By | ⇒ | Bakual |
| Milestone |
Added: |
||
looks cool
maybe add
target="_blank"for open the link in the new tab/window?