
Merge remote-tracking branch '112.172.147.34/style' into ST24PRJ-497(입점클레임반품배송비)

jsh77b 4 år sedan
förälder
incheckning
db181ec6cc
58 ändrade filer med 938 tillägg och 175 borttagningar
  1. 10 0
      pom.xml
  2. 1 1
      src/main/java/com/style24/admin/biz/dao/TsaMailTemplateDao.java
  3. 2 1
      src/main/java/com/style24/admin/biz/service/TsaFaqService.java
  4. 27 4
      src/main/java/com/style24/admin/biz/service/TsaGoodsService.java
  5. 20 1
      src/main/java/com/style24/admin/biz/service/TsaMailTemplateService.java
  6. 1 1
      src/main/java/com/style24/admin/biz/service/TsaNoticeService.java
  7. 21 0
      src/main/java/com/style24/admin/biz/web/TsaMarketingController.java
  8. 15 4
      src/main/java/com/style24/persistence/domain/Coupon.java
  9. 1 1
      src/main/java/com/style24/persistence/mybatis/shop/TsaDelivery.xml
  10. 7 2
      src/main/webapp/WEB-INF/views/board/NoticeForm.html
  11. 5 0
      src/main/webapp/WEB-INF/views/business/AflinkForm.html
  12. 8 0
      src/main/webapp/WEB-INF/views/business/DeliveryLocForm.html
  13. 12 0
      src/main/webapp/WEB-INF/views/business/SupplyCompanyForm.html
  14. 12 1
      src/main/webapp/WEB-INF/views/business/SupplyCompanyPopupForm.html
  15. 44 1
      src/main/webapp/WEB-INF/views/business/SupplyVendorForm.html
  16. 14 0
      src/main/webapp/WEB-INF/views/common/fragments/footer.html
  17. 46 4
      src/main/webapp/WEB-INF/views/customer/CustomerDetailForm.html
  18. 10 4
      src/main/webapp/WEB-INF/views/customer/OneToOneQnaDetailForm.html
  19. 12 0
      src/main/webapp/WEB-INF/views/display/CategoryForm.html
  20. 13 2
      src/main/webapp/WEB-INF/views/display/CategoryGoodsForm.html
  21. 20 2
      src/main/webapp/WEB-INF/views/display/CategorySearchForm.html
  22. 14 0
      src/main/webapp/WEB-INF/views/display/LookbookListForm.html
  23. 5 0
      src/main/webapp/WEB-INF/views/display/PopupListForm.html
  24. 23 1
      src/main/webapp/WEB-INF/views/display/SearchKeywordForm.html
  25. 31 1
      src/main/webapp/WEB-INF/views/envset/AnswerPhaseForm.html
  26. 8 0
      src/main/webapp/WEB-INF/views/envset/BasicEnvsetForm.html
  27. 20 1
      src/main/webapp/WEB-INF/views/goods/ColorForm.html
  28. 5 0
      src/main/webapp/WEB-INF/views/goods/GoodsAdKeywordForm.html
  29. 5 0
      src/main/webapp/WEB-INF/views/goods/GoodsContentsForm.html
  30. 24 1
      src/main/webapp/WEB-INF/views/goods/GoodsDetailForm.html
  31. 6 1
      src/main/webapp/WEB-INF/views/goods/GoodsNoticeForm.html
  32. 11 2
      src/main/webapp/WEB-INF/views/goods/GoodsPopupListForm.html
  33. 6 1
      src/main/webapp/WEB-INF/views/goods/GoodsSizeInfoForm.html
  34. 12 1
      src/main/webapp/WEB-INF/views/goods/GoodsTitleReserveForm.html
  35. 14 1
      src/main/webapp/WEB-INF/views/goods/ItemkindBaseForm.html
  36. 16 1
      src/main/webapp/WEB-INF/views/goods/WmsColorMappingForm.html
  37. 1 1
      src/main/webapp/WEB-INF/views/marketing/CouponListForm.html
  38. 8 1
      src/main/webapp/WEB-INF/views/marketing/CouponPopupForm.html
  39. 2 1
      src/main/webapp/WEB-INF/views/marketing/CouponPubCustListPopupForm.html
  40. 56 7
      src/main/webapp/WEB-INF/views/marketing/FreeGoodsPromotionRegiForm.html
  41. 14 1
      src/main/webapp/WEB-INF/views/marketing/MailTemplateDetailForm.html
  42. 9 0
      src/main/webapp/WEB-INF/views/marketing/MorebetterPopupForm.html
  43. 25 0
      src/main/webapp/WEB-INF/views/marketing/PlanCornerListForm.html
  44. 9 2
      src/main/webapp/WEB-INF/views/marketing/PlanListForm.html
  45. 5 0
      src/main/webapp/WEB-INF/views/marketing/PollListForm.html
  46. 10 1
      src/main/webapp/WEB-INF/views/marketing/ShotDeliveryForm.html
  47. 16 2
      src/main/webapp/WEB-INF/views/marketing/SocialShoppingListForm.html
  48. 28 2
      src/main/webapp/WEB-INF/views/ocm/ExtmallForm.html
  49. 100 98
      src/main/webapp/WEB-INF/views/order/OrderDetailForm.html
  50. 10 1
      src/main/webapp/WEB-INF/views/shoplinker/ShoplinkerStockForm.html
  51. 38 2
      src/main/webapp/WEB-INF/views/system/BatchForm.html
  52. 39 2
      src/main/webapp/WEB-INF/views/system/CommoncodeForm.html
  53. 6 0
      src/main/webapp/WEB-INF/views/system/MenuForm.html
  54. 5 0
      src/main/webapp/WEB-INF/views/system/SampleFileForm.html
  55. 37 2
      src/main/webapp/WEB-INF/views/system/SystemAlarmForm.html
  56. 6 0
      src/main/webapp/WEB-INF/views/withdraw/RefundRegisterListForm.html
  57. 1 0
      src/main/webapp/ux/js/admin.ui.js
  58. 12 12
      src/main/webapp/ux/plugins/gaga/gaga.agGrid.js

+ 10 - 0
pom.xml

@@ -24,6 +24,16 @@
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.logging.log4j</groupId>
+					<artifactId>log4j-api</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.apache.logging.log4j</groupId>
+					<artifactId>log4j-to-slf4j</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>

+ 1 - 1
src/main/java/com/style24/admin/biz/dao/TsaMailTemplateDao.java

@@ -101,7 +101,7 @@ public interface TsaMailTemplateDao {
 	 * @author gagamel
 	 * @since 2021. 5. 11
 	 */
-	void deleteMailTemplate(MailTemplate mailTemplate);
+	int deleteMailTemplate(MailTemplate mailTemplate);
 
 	/**
 	 * 메일템플릿코너 삭제
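Review bot: `deleteMailTemplate` now returns `int`, but the visible part of its Javadoc (author/since only) documents no return value; add `@return number of rows updated by the soft delete`. For MyBatis to hand back that count the mapped statement must be declared as `<update>` or `<delete>`, which is not visible in this commit and worth confirming.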

+ 2 - 1
src/main/java/com/style24/admin/biz/service/TsaFaqService.java

@@ -46,7 +46,8 @@ public class TsaFaqService {
 	public void saveFaq(Faq faq) {
 		// 내용 유무 확인
 		if (StringUtils.isNotBlank(faq.getAnswer())) {
-			faq.setAnswer(faq.getAnswer().replaceAll("&lt;", "<").replaceAll("&gt;", ">"));
+			//faq.setAnswer(faq.getAnswer().replaceAll("&lt;", "<").replaceAll("&gt;", ">"));
+			faq.setAnswer(faq.getAnswer().replaceAll("(?i)script",""));
 		}
 
 		faqDao.saveFaq(faq);
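Review bot: `faq.getAnswer().replaceAll("(?i)script","")` is a substring blacklist, not an XSS control: it deletes the letters "script" from legitimate text (e.g. "description", "subscription") while leaving markup that executes without that word, such as inline event-handler attributes, untouched, so the stored answer is corrupted and still unsafe to render as HTML. The same replacement is introduced for goods descriptions, notices and size info in TsaGoodsService and for notice content in TsaNoticeService. If the answer is meant to carry HTML, pass it through an allowlist HTML sanitizer before persisting; if it is plain text, keep it entity-escaped and encode it in the template on output, and drop this replaceAll. The commented-out unescape on the line above should be deleted rather than kept as dead code.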

+ 27 - 4
src/main/java/com/style24/admin/biz/service/TsaGoodsService.java

@@ -2,6 +2,8 @@ package com.style24.admin.biz.service;
 
 import java.io.File;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -423,8 +425,13 @@ public class TsaGoodsService {
 			Collection<GagaMap> dataList = goodsDao.getGoodsInfoExcelList(goodsSearch); // map형식으로 조회
 			if (dataList != null && !dataList.isEmpty()) {
 				for (GagaMap gagaMap : dataList) {
-					if (!StringUtils.isBlank(gagaMap.get("SYS_IMG_NM").toString())) {
-						gagaMap.set("SYS_IMG_NM", targetPath + '/' + gagaMap.get("SYS_IMG_NM").toString() + "?RS=60");
+					if (!StringUtils.isBlank(gagaMap.getString("SYS_IMG_NM"))) {
+						try {
+							gagaMap.setString("SYS_IMG_NM", GagaFileUtil.getConcatenationPath(targetPath, gagaMap.getString("SYS_IMG_NM").substring(0, gagaMap.getString("SYS_IMG_NM").lastIndexOf("/") + 1) + URLEncoder.encode(GagaFileUtil.getFilename(gagaMap.getString("SYS_IMG_NM")), "UTF-8").replaceAll("\\+", "%20")) + "?RS=60");
+							//gagaMap.setString("SYS_IMG_NM", GagaFileUtil.getConcatenationPath(targetPath, gagaMap.getString("SYS_IMG_NM")));
+						} catch (UnsupportedEncodingException e) {
+							//throw new IllegalStateException(e);
+						}
 					}
 				}
 			}
@@ -964,10 +971,17 @@ public class TsaGoodsService {
 	 */
 	@Transactional("shopTxnManager")
 	public void saveGoodsDetail(Goods goods) {
-
+		
 		// <,> replace 처리
 		goods.setRegNo(TsaSession.getInfo().getUserNo());
 		goods.setUpdNo(TsaSession.getInfo().getUserNo());
+		goods.setGoodsContentsDesc(goods.getGoodsContentsDesc().replaceAll("(?i)script",""));
+		goods.setGoodsDesc(goods.getGoodsDesc().replaceAll("(?i)script",""));
+		goods.setGoodsCharacterDesc(goods.getGoodsCharacterDesc().replaceAll("(?i)script",""));
+		goods.setGoodsPcTopDesc(goods.getGoodsPcTopDesc().replaceAll("(?i)script",""));
+		goods.setGoodsMobileTopDesc(goods.getGoodsMobileTopDesc().replaceAll("(?i)script",""));
+		goods.setGoodsPcDownDesc(goods.getGoodsPcDownDesc().replaceAll("(?i)script",""));
+		goods.setGoodsMobileDownDesc(goods.getGoodsMobileDownDesc().replaceAll("(?i)script",""));
 
 //		goods.setGoodsDesc(GagaStringUtil.replace(GagaStringUtil.replace(goods.getGoodsDesc(), "&lt;", "<"), "&gt;", ">"));
 //		goods.setGoodsPcTopDesc(GagaStringUtil.replace(GagaStringUtil.replace(goods.getGoodsPcTopDesc(), "&lt;", "<"), "&gt;", ">"));
@@ -1967,6 +1981,7 @@ public class TsaGoodsService {
 	public void saveNotice(Notice notice) {
 		notice.setRegNo(TsaSession.getInfo().getUserNo());
 		notice.setUpdNo(TsaSession.getInfo().getUserNo());
+		notice.setNoticeContent(notice.getNoticeContent().replaceAll("(?i)script", ""));
 
 		// 신규 일때
 		if (notice.getNoticeSq() == null) {
@@ -3940,6 +3955,7 @@ public class TsaGoodsService {
 		//log.info("[saveSizeInfo] sizeInfo {}", sizeInfo);
 		String sizeCate1Cd = "";
 		String sizeCate2Cd = "";
+		sizeInfo.setSizeInfo(sizeInfo.getSizeInfo().replaceAll("(?i)script", ""));
 		if ("1".equals(sizeInfo.getSizeGb())) {
 
 			if (StringUtils.isBlank(sizeInfo.getSizeCate1Cd())) {
@@ -4157,7 +4173,6 @@ public class TsaGoodsService {
 	 */
 	@Transactional("shopTxnManager")
 	public void createSalfGoodsDetail(Goods goods) {
-
 		// 중복여부 확인
 		Goods goodsDup = goodsDao.getGoods(goods);
 		if (goodsDup != null) {
@@ -4198,6 +4213,14 @@ public class TsaGoodsService {
 //		goods.setGoodsNm(GagaStringUtil.replace(GagaStringUtil.replace(goods.getGoodsNm(), "&lt;", "<"), "&gt;", ">"));
 //		goods.setGoodsTnm(GagaStringUtil.replace(GagaStringUtil.replace(goods.getGoodsTnm(), "&lt;", "<"), "&gt;", ">"));
 //		goods.setGoodsSnm1(GagaStringUtil.replace(GagaStringUtil.replace(goods.getGoodsSnm1(), "&lt;", "<"), "&gt;", ">"));
+		
+		goods.setGoodsContentsDesc(goods.getGoodsContentsDesc().replaceAll("(?i)script",""));
+		goods.setGoodsDesc(goods.getGoodsDesc().replaceAll("(?i)script",""));
+		goods.setGoodsCharacterDesc(goods.getGoodsCharacterDesc().replaceAll("(?i)script",""));
+		goods.setGoodsPcTopDesc(goods.getGoodsPcTopDesc().replaceAll("(?i)script",""));
+		goods.setGoodsMobileTopDesc(goods.getGoodsMobileTopDesc().replaceAll("(?i)script",""));
+		goods.setGoodsPcDownDesc(goods.getGoodsPcDownDesc().replaceAll("(?i)script",""));
+		goods.setGoodsMobileDownDesc(goods.getGoodsMobileDownDesc().replaceAll("(?i)script",""));
 
 		// 판매기간설정 eskim
 		goods.setSellStdt(goods.getSellStYMD().replaceAll("-", "") + goods.getSellStHH() + "0000");
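Review bot: The seven `replaceAll("(?i)script","")` calls added in `saveGoodsDetail` (and repeated in `createSalfGoodsDetail`, `saveNotice` and `saveSizeInfo`) dereference the getter result unguarded, so any description field that arrives as null now throws a NullPointerException before the save, whereas the FAQ service guards the identical pattern with `StringUtils.isNotBlank`. Route them through one null-safe helper, e.g. `private static String stripScriptWord(String s) { return s == null ? null : s.replaceAll("(?i)script", ""); }`, so the guard lives in one place. In the excel-list hunk the `catch (UnsupportedEncodingException e)` block is empty with the rethrow commented out, which silently leaves the row's image path unencoded; `"UTF-8"` is always supported, so pass `StandardCharsets.UTF_8.name()` and either rethrow as `new IllegalStateException(e)` or log it. All enclosing methods start or end outside their hunks.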

+ 20 - 1
src/main/java/com/style24/admin/biz/service/TsaMailTemplateService.java

@@ -66,7 +66,7 @@ public class TsaMailTemplateService {
 	public void saveMailHeaderFooter(MailHeaderFooter mailhf) {
 		mailhf.setRegNo(TsaSession.getInfo().getUserNo());
 		mailhf.setUpdNo(TsaSession.getInfo().getUserNo());
-		mailhf.setMailhfContent(mailhf.getMailhfContent().replaceAll("&lt;", "<").replaceAll("&gt;", ">"));
+		//mailhf.setMailhfContent(mailhf.getMailhfContent().replaceAll("&lt;", "<").replaceAll("&gt;", ">"));
 		mailTemplateDao.saveMailHeaderFooter(mailhf);
 	}
 
@@ -182,6 +182,25 @@ public class TsaMailTemplateService {
 		}
 	}
 
+	/**
+	 * 메일템플릿 삭제
+	 * 
+	 * @param Integer
+	 * @return int
+	 * @author card007
+	 * @since 2021. 12. 16
+	 */
+	@Transactional("shopTxnManager")
+	public int deleteMailTemplate(Integer mailtSq) {
+		MailTemplate mailTemplate = new MailTemplate();
+		mailTemplate.setMailtSq(mailtSq);
+		mailTemplate.setUseYn("N");
+		mailTemplate.setRegNo(TsaSession.getInfo().getUserNo());
+		mailTemplate.setUpdNo(TsaSession.getInfo().getUserNo());
+
+		return mailTemplateDao.deleteMailTemplate(mailTemplate);
+	}
+
 	/**
 	 * 메일템플릿코너 삭제
 	 * @param mailtcSq - 메일템플릿코너일련번호
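Review bot: The Javadoc on the new `deleteMailTemplate` uses `@param Integer` instead of the parameter name; it should read `@param mailtSq - 메일템플릿일련번호` like the sibling delete below, and `@return` should state that the value is the affected row count. The method sets `regNo` on a soft delete; if the mapper writes REG_NO, the template's original creator is overwritten on every delete — confirm the statement only touches USE_YN, UPD_NO and the update timestamp. Because `mailtSq` is a boxed Integer, a null key reaches the mapper unchecked; if the statement wraps the key in a dynamic `<if>`, a null would turn this single soft delete into a bulk update, so add `Objects.requireNonNull(mailtSq, "mailtSq");` at the top.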

+ 1 - 1
src/main/java/com/style24/admin/biz/service/TsaNoticeService.java

@@ -70,7 +70,7 @@ public class TsaNoticeService {
 	public void saveNotice(Notice notice) {
 		notice.setRegNo(TsaSession.getInfo().getUserNo());
 		notice.setUpdNo(TsaSession.getInfo().getUserNo());
-
+		notice.setNoticeContent(notice.getNoticeContent().replaceAll("(?i)script", ""));
 		// 신규 일때
 		if (notice.getNoticeSq() == null) {
 			// 공지사항 저장

+ 21 - 0
src/main/java/com/style24/admin/biz/web/TsaMarketingController.java

@@ -1728,6 +1728,27 @@ public class TsaMarketingController extends TsaBaseController {
 		return super.ok(message.getMessage("SUCC_0003"));
 	}
 
+	/**
+	 * 메일템플릿 삭제
+	 * 
+	 * @param Integer
+	 * @return GagaResponse
+	 * @author card007
+	 * @since 2021. 12. 16
+	 */
+	@PostMapping("/mailtemplate/delete/{mailtSq}")
+	@ResponseBody
+	public GagaResponse deleteMailTemplate(@PathVariable Integer mailtSq) {
+		int result = mailTemplateService.deleteMailTemplate(mailtSq);
+		
+		if (result > 0) {
+			return super.ok(message.getMessage("SUCC_0003"));
+		} else {
+			return super.error(message.getMessage("FAIL_0003"));
+		}
+		
+	}
+
 	/**
 	 * 메일템플릿코너 삭제
 	 * @param mailtcSq - 메일템플릿코너일련번호
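Review bot: `@param Integer` in the Javadoc of the new `deleteMailTemplate` endpoint does not name the parameter; it should be `@param mailtSq - 메일템플릿일련번호`, matching the sibling endpoint below. The handler passes the path variable straight to the service with no visible authorization or ownership check beyond whatever the security configuration applies to the URL; if templates are scoped to an operator or vendor, that scope has to be enforced here or in the mapper's WHERE clause — neither is visible in this hunk, so please confirm. The if/else and the stray blank lines could be collapsed to `return result > 0 ? super.ok(message.getMessage("SUCC_0003")) : super.error(message.getMessage("FAIL_0003"));`.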

+ 15 - 4
src/main/java/com/style24/persistence/domain/Coupon.java

@@ -1,14 +1,15 @@
 package com.style24.persistence.domain;
 
+import java.util.List;
+
 import com.fasterxml.jackson.annotation.JsonFormat;
+import com.style24.admin.support.security.session.TsaSession;
 import com.style24.core.support.util.CryptoUtils;
+import com.style24.core.support.util.MaskingUtils;
 import com.style24.persistence.TscBaseDomain;
 import com.style24.persistence.TscPageRequest;
-import lombok.Data;
 
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Collection;
+import lombok.Data;
 
 /**
  * 쿠폰 도메인
@@ -65,6 +66,7 @@ public class Coupon extends TscBaseDomain {
     private String custNo;
     private String custNm;
     private String custGbNm;
+    private String cellPhnno;	// 휴대전화번호(탈퇴 시 NULL로 처리)
     private String custGradeNm;
     private String useYn;
     private String usedDt;
@@ -121,6 +123,14 @@ public class Coupon extends TscBaseDomain {
         this.custNm = CryptoUtils.decryptAES(this.custNm);
         return this.custNm;
     }
+    public String getCellPhnno() {
+        this.cellPhnno = CryptoUtils.decryptAES(this.cellPhnno);
+        return this.cellPhnno;
+    }
+
+    public String getMaskingCustNm() {
+        return TsaSession.getAttribute("maskingYn").equals("Y") ? MaskingUtils.name(getCustNm()) : getCustNm();
+    }
     
     // 업체목록배열
     @JsonFormat(with = JsonFormat.Feature.ACCEPT_SINGLE_VALUE_AS_ARRAY)
@@ -136,4 +146,5 @@ public class Coupon extends TscBaseDomain {
     private String supplyCompCd;
     private String brandGroupNm;
 
+    private String regId;
 }
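Review bot: `TsaSession.getAttribute("maskingYn").equals("Y")` in the new `getMaskingCustNm` throws a NullPointerException when the session has no `maskingYn` attribute, and the ternary falls open to the unmasked name for any value other than "Y". For a PII helper the safe default is to mask unless masking is explicitly switched off: `return "N".equals(TsaSession.getAttribute("maskingYn")) ? getCustNm() : MaskingUtils.name(getCustNm());` — hedged, since the attribute's value set is not visible here. The new `getCellPhnno` decrypts the phone number and, like `getCustNm` above it, writes the plaintext back into the field, so unless `CryptoUtils.decryptAES` is idempotent a second call decrypts already-decrypted data, and any Jackson serialization of a Coupon emits the decrypted number unmasked; consider a masking getter for the phone as well, or keep the plaintext out of JSON.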

+ 1 - 1
src/main/java/com/style24/persistence/mybatis/shop/TsaDelivery.xml

@@ -175,7 +175,7 @@
 		                     , ODI.PRODUCT_CODE
 		                     , ODI.ITEM_QTY * B.ORD_QTY      AS ORD_QTY      -- 주문수량
 		                     , ODI.ITEM_QTY * B.CNCL_RTN_QTY AS CNCL_RTN_QTY -- 취소수량
-		                     , (ODI.ITEM_QTY * B.ORD_QTY  - ODI.ITEM_QTY * B.CNCL_RTN_QTY) SALE_QTY -- 판매수량
+		                     , (CAST(ODI.ITEM_QTY AS SIGNED) * B.ORD_QTY)  - (CAST(ODI.ITEM_QTY AS SIGNED) * B.CNCL_RTN_QTY) AS SALE_QTY -- 판매수량
 		                     , B.ORD_AMT - B.CNCL_RTN_AMT  AS SALE_AMT       -- 판매금액
 		                     , B.REAL_ORD_AMT  -- 실결제금액
 		                     , B.ORD_DTL_STAT  -- 주문상세상태

+ 7 - 2
src/main/webapp/WEB-INF/views/board/NoticeForm.html

@@ -339,8 +339,8 @@
 				$('#detailForm input:checkbox[name=chkPopupYn]').prop('checked', false);
 				$("#detailForm input:checkbox[name=chkPopupYn]").parent().removeClass('checked');
 			}
-			$('#detailForm input[name=popupDispStdt]').val(event.data.popupDispStdt == '00000000' ? '' : event.data.popupDispStdt.toDate("YYYYMMDD").format("YYYY-MM-DD"));
-			$('#detailForm input[name=popupDispEddt]').val(event.data.popupDispEddt == '00000000' ? '' : event.data.popupDispEddt.toDate("YYYYMMDD").format("YYYY-MM-DD"));
+			$('#detailForm input[name=popupDispStdt]').val(event.data.popupDispStdt == '00000000' ? '' : event.data.popupDispStdt == null ? '' : event.data.popupDispStdt.toDate("YYYYMMDD").format("YYYY-MM-DD"));
+			$('#detailForm input[name=popupDispEddt]').val(event.data.popupDispEddt == '00000000' ? '' : event.data.popupDispEddt == null ? '' : event.data.popupDispEddt.toDate("YYYYMMDD").format("YYYY-MM-DD"));
 		}
 
 		// 공지내용. Summernote에 값 세팅
@@ -353,6 +353,7 @@
 
 		// 파일 목록
 		fnGetNoticeFileList(event.data.noticeSq);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
@@ -614,6 +615,10 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=noticeTitle]').val($('#detailForm input[name=noticeTitle]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		cfnCreateCalendar('#noticeTerms', 'startDt', 'endDt');
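Review bot: `fnUnEscapeHtml` and `replaceXSS` decode stored HTML entities back into raw characters; they are not an XSS conversion, so the `//XSS변환` comments here and on the same helpers added in AflinkForm, DeliveryLocForm, SupplyCompanyForm, SupplyVendorForm, PopupListForm and OneToOneQnaDetailForm should say what the call does, e.g. `// restore entity-escaped text for editing (not an XSS filter)`. Writing the value through `.val()` is safe because it sets a DOM property, but the decoded text is resubmitted raw on save, so the round trip now depends entirely on request-side escaping — confirm it still covers these fields now that the server-side unescape has been removed. `.val()` returns undefined when the selector matches nothing, so `.replaceXSS()` throws for any field absent from a page variant. The nested ternary on `popupDispStdt` reads more clearly as `!event.data.popupDispStdt || event.data.popupDispStdt == '00000000' ? '' : …`.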
 		

+ 5 - 0
src/main/webapp/WEB-INF/views/business/AflinkForm.html

@@ -199,6 +199,7 @@
 		}
 
 		$('#detailForm input[name=afLinkNm]').focus();
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	// 검색
@@ -279,6 +280,10 @@
 		gagaAgGrid.exportToExcel('제휴채널 목록', gridOptions);
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=afLinkNm]').val($('#detailForm input[name=afLinkNm]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);

+ 8 - 0
src/main/webapp/WEB-INF/views/business/DeliveryLocForm.html

@@ -320,6 +320,7 @@
 		} else {
 			$('#detailForm input:radio[name=useYn]').eq(1).attr('checked', true);
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 업체 조회 팝업에서 호출
@@ -441,6 +442,13 @@
 		cfnOpenDaumAddr(daumZip);
 	}
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=delvLocNm]').val($('#detailForm input[name=delvLocNm]').val().replaceXSS());
+		$('#detailForm input[name=rtnLocNm]').val($('#detailForm input[name=rtnLocNm]').val().replaceXSS());
+		$('#detailForm input[name=delvLocDtlAddr]').val($('#detailForm input[name=delvLocDtlAddr]').val().replaceXSS());
+		$('#detailForm input[name=rtnLocDtlAddr]').val($('#detailForm input[name=rtnLocDtlAddr]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);

+ 12 - 0
src/main/webapp/WEB-INF/views/business/SupplyCompanyForm.html

@@ -494,6 +494,7 @@
 		
 		// 배송비 정책 조회
 		fnGetDeliveryFeePolicy(event.data.supplyCompCd);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
@@ -788,6 +789,17 @@
 		return result;
 	}
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=supplyCompNm]').val($('#detailForm input[name=supplyCompNm]').val().replaceXSS());
+		$('#detailForm input[name=bizDtlAddr]').val($('#detailForm input[name=bizDtlAddr]').val().replaceXSS());
+		$('#detailForm input[name=csChargeNm]').val($('#detailForm input[name=csChargeNm]').val().replaceXSS());
+		$('#detailForm input[name=csChargeTelno]').val($('#detailForm input[name=csChargeTelno]').val().replaceXSS());
+		$('#detailForm input[name=settleChargeNm]').val($('#detailForm input[name=settleChargeNm]').val().replaceXSS());
+		$('#detailForm input[name=settleChargeTelno]').val($('#detailForm input[name=settleChargeTelno]').val().replaceXSS());
+		$('#detailForm textarea[name=remarks]').val($('#detailForm textarea[name=remarks]').val().replaceXSS());
+		$('#detailForm textarea[name=note]').val($('#detailForm textarea[name=note]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);

+ 12 - 1
src/main/webapp/WEB-INF/views/business/SupplyCompanyPopupForm.html

@@ -105,7 +105,7 @@
 			// }
 			
 			// Fetch data
-			gagaAgGrid.fetch($('#searchCompanyListForm').prop('action'), gridOptionsCompanyPopupList, '#searchCompanyListForm');
+			gagaAgGrid.fetch($('#searchCompanyListForm').prop('action'), gridOptionsCompanyPopupList, '#searchCompanyListForm',fnChangeGrid);
 		});
 
 		// 확인
@@ -136,6 +136,17 @@
 				uifnPopupClose('popupCompanyList');
 			}
 		});
+		
+		var fnChangeGrid = function(){	//XSS 그리드 내 변환
+			var data = gagaAgGrid.getAllRowData(gridOptionsCompanyPopupList);
+			let modifyList = [];
+			$.each(data, function(idx, item) {
+				let supplyCompNm = item.supplyCompNm;
+				item.supplyCompNm = supplyCompNm.replaceXSS();
+				modifyList.push(item);
+			});
+			gridOptionsCompanyPopupList.api.setRowData(modifyList);
+		};
 
 		$(document).ready(function() {
 			// Create a agGrid
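Review bot: In `fnChangeGrid`, `item.supplyCompNm.replaceXSS()` throws a TypeError when the name is null or undefined, which aborts the `$.each` and leaves the grid showing un-decoded rows; guard it with `if (item.supplyCompNm != null)`. Because the loop mutates the row objects in place, `modifyList` holds the same objects as `data`, so the extra array can go and `setRowData(data)` is enough. The decoded text is only safe because ag-Grid renders cell values as text by default; if any column in this grid, or in the equivalent `fnChangeGrid` helpers added to SupplyVendorForm, CustomerDetailForm, CategoryGoodsForm, CategorySearchForm and LookbookListForm, uses an HTML cellRenderer, the decoded markup would be interpreted, so that should be checked before relying on this pattern.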

+ 44 - 1
src/main/webapp/WEB-INF/views/business/SupplyVendorForm.html

@@ -218,11 +218,12 @@
 		} else {
 			$('#detailForm input:radio[name=useYn]').eq(1).trigger('click');
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
 	$('#btnSearch').on('click', function() {
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm',fnChangeGrid);
 	});
 	
 	// 신규버튼
@@ -272,6 +273,48 @@
 		cfnOpenDaumAddr(daumZip);
 	}
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=supplyVendorNm]').val($('#detailForm input[name=supplyVendorNm]').val().replaceXSS());
+		$('#detailForm input[name=bizNo]').val($('#detailForm input[name=bizNo]').val().replaceXSS());
+		$('#detailForm input[name=bizKind]').val($('#detailForm input[name=bizKind]').val().replaceXSS());
+		$('#detailForm input[name=bizType]').val($('#detailForm input[name=bizType]').val().replaceXSS());
+		$('#detailForm input[name=ownerNm]').val($('#detailForm input[name=ownerNm]').val().replaceXSS());
+		$('#detailForm input[name=mainTelno]').val($('#detailForm input[name=mainTelno]').val().replaceXSS());
+		$('#detailForm input[name=mainFaxno]').val($('#detailForm input[name=mainFaxno]').val().replaceXSS());
+		$('#detailForm input[name=bizDtlAddr]').val($('#detailForm input[name=bizDtlAddr]').val().replaceXSS());
+		$('#detailForm input[name=homepageUrl]').val($('#detailForm input[name=homepageUrl]').val().replaceXSS());
+	};
+	
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			if(item.bizDtlAddr != null && item.bizDtlAddr !=  '' && item.bizDtlAddr != 'undefined'){
+				let bizDtlAddr = item.bizDtlAddr;
+				item.bizDtlAddr = bizDtlAddr.replaceXSS();
+			
+			}
+			let bizNo = item.bizNo;
+			let bizKind = item.bizKind;
+			let bizType = item.bizType;
+			let ownerNm = item.ownerNm;
+			let mainTelno = item.mainTelno;
+			let mainFaxno = item.mainFaxno;
+			let homepageUrl = item.homepageUrl;
+			item.bizNo = bizNo.replaceXSS();
+			item.bizKind = bizKind.replaceXSS();
+			item.bizType = bizType.replaceXSS();
+			item.ownerNm = ownerNm.replaceXSS();
+			item.mainTelno = mainTelno.replaceXSS();
+			item.mainFaxno = mainFaxno.replaceXSS();
+			item.homepageUrl = homepageUrl.replaceXSS();
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	};
+
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);
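Review bot: `item.bizDtlAddr != 'undefined'` in `fnChangeGrid` compares against the string "undefined" and is dead for an actually undefined value (already excluded by `!= null`), while `bizNo`, `bizKind`, `bizType`, `ownerNm`, `mainTelno`, `mainFaxno` and `homepageUrl` get no guard at all, so one row with a null fax number throws and leaves the grid un-decoded. A small helper, `var decode = function(v) { return v == null ? v : String(v).replaceXSS(); };`, applied to each field removes both the special case and the seven temporaries. Decoding `bizNo`, `mainTelno` and `mainFaxno` in `fnUnEscapeHtml` is harmless but implies these numeric fields are entity-escaped on input; if so, the input-side escaping is broader than it needs to be.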

+ 14 - 0
src/main/webapp/WEB-INF/views/common/fragments/footer.html

@@ -98,6 +98,20 @@ let cfnInitLayerPosition = function() {
 	element_layer.style.left = (((window.innerWidth || document.documentElement.clientWidth) - width) / 2 - borderWidth) + 'px';
 	element_layer.style.top = (((window.innerHeight || document.documentElement.clientHeight) - height) / 2 - borderWidth) + 'px';
 }
+
+String.prototype.replaceXSS = function (){	//XSS 변환
+	var str = this;
+	
+	str = str.split(/&lt;/g).join("<");
+	str = str.split(/&gt;/g).join(">");
+	str = str.split(/&nbsp;/g).join(" ");
+	str = str.split(/&amp;/g).join("&");
+	str = str.split(/&quot;/g).join('"');
+	str = str.split(/&apos;/g).join("'");
+	str = str.split(/&#47;/g).join("/");
+	
+	return str;
+}
 /*]]>*/
 </script>
 </footer>
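Review bot: `String.prototype.replaceXSS` decodes `&amp;` before `&quot;`, `&apos;` and `&#47;`, so a doubly-escaped sequence such as `&amp;quot;` comes out as `"` instead of `&quot;`; the `&amp;` replacement must run last, after every other entity. The name and the `//XSS 변환` comment are misleading — this is an HTML-entity decoder, and it makes callers less safe wherever its result is passed to `.html()` — so a header comment such as `// decode HTML entities stored by input escaping; never pass the result to .html()` would set expectations. Installing it on the global `String.prototype` also means any page that defines its own `replaceXSS` (CategoryForm does) silently overrides this one depending on script order.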

+ 46 - 4
src/main/webapp/WEB-INF/views/customer/CustomerDetailForm.html

@@ -1249,6 +1249,7 @@
 
 			fnDisplayDeliveryCheckBox(event.data.defaultYn, event.data.delYn);
 		}
+		fnUnEscapeHtml();	//XSS변환
 	};
 
 	// 회원정보 조회
@@ -1291,7 +1292,8 @@
 					fnDisplayManaged(data.managedRsn);
 
 					orgData = data; // 기존 데이터
-					
+					$('input[name=homeDtlAddr]').val($('input[name=homeDtlAddr]').val().replaceXSS());
+					console.log($('input[name=recipDtlAddr]').val($('input[name=recipDtlAddr]').val()));
 					// 고객계좌정보 조회
 					fnGetCustAccountInfo();
 				}
@@ -1472,7 +1474,7 @@
 	// 배송지 조회
 	var fnCustSearchDelivery = function () {
 		const actionUrl = "/customer/delivery/list/" + custNo;
-		gagaAgGrid.fetch(actionUrl, gridAddrOptions);
+		gagaAgGrid.fetch(actionUrl, gridAddrOptions,null,fnChangeGrid);
 		$('#btnCustAddrNew').trigger('click');
 	};
 
@@ -1527,7 +1529,7 @@
 	var fnSearchContact = function () {
 		$('#custContactHstForm')[0].reset();
 		const actionUrl = "/customer/contact/list/" + custNo;
-		gagaAgGrid.fetch(actionUrl, gridContactOptions);
+		gagaAgGrid.fetch(actionUrl, gridContactOptions,null,fnChangeGrid1);
 	};
 
 	// 회원등급변경이력 조회
@@ -1749,6 +1751,46 @@
 		let popupHeight = window.screen.height;
 		window.open(actionUrl);
 	});
+	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('input[name=delvAddrNm]').val($('input[name=delvAddrNm]').val().replaceXSS());
+		$('input[name=recipNm]').val($('input[name=recipNm]').val().replaceXSS());
+		$('input[name=recipDtlAddr]').val($('input[name=recipDtlAddr]').val().replaceXSS());
+		$('input[name=recipZipcode]').val($('input[name=recipZipcode]').val().replaceXSS());
+		$('input[name=recipBaseAddr]').val($('input[name=recipBaseAddr]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridAddrOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let recipNm = item.recipDtlAddr;
+			let recipDtlAddr = item.recipDtlAddr;
+			let recipZipcode = item.recipZipcode;
+			let recipBaseAddr = item.recipBaseAddr;
+			
+			item.recipNm = recipNm.replaceXSS();
+			item.recipDtlAddr = recipDtlAddr.replaceXSS();
+			item.recipZipcode = recipZipcode.replaceXSS();
+			item.recipBaseAddr = recipBaseAddr.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridAddrOptions.api.setRowData(modifyList);
+	};
+	
+	var fnChangeGrid1 = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridContactOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let contactContents = item.contactContents;
+			
+			item.contactContents = contactContents.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridContactOptions.api.setRowData(modifyList);
+	};
 
 	$(document).ready(function () {
 
@@ -1777,7 +1819,7 @@
 		gagaAgGrid.createGrid('custContactList', gridContactOptions);	// 회원접촉이력 그리드
 	});
 
-
+	
 	/*]]>*/
 </script>
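Review bot: `let recipNm = item.recipDtlAddr;` on the first line of the `$.each` body in `fnChangeGrid` is a copy-paste slip and should read `let recipNm = item.recipNm;`; as written every row's recipient name is overwritten with its detail address after decoding. The `console.log($('input[name=recipDtlAddr]').val(...))` left in the member-lookup callback is debugging output in a page that handles customer addresses and should be removed. Both `fnChangeGrid` and `fnChangeGrid1` call `.replaceXSS()` without a null guard, so a contact row with empty `contactContents` throws and stops the decode for the remaining rows.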
 

+ 10 - 4
src/main/webapp/WEB-INF/views/customer/OneToOneQnaDetailForm.html

@@ -250,9 +250,9 @@
 				tag += '</tr>\n';
 				$('#otoQnaCounselInfo').html(tag);
 				
-				$('#otoQnaQuestTitle').html(result.questTitle);
+				$('#otoQnaQuestTitle').html(result.questTitle.replaceXSS());
 				$('#otoQnaSmsReqYn').html((result.smsReqYn == "Y" ? "수신" : "미수신"));
-				$('#qnaDetailForm textarea[name=questContent]').val(result.questContent);
+				$('#qnaDetailForm textarea[name=questContent]').val(result.questContent.replaceXSS());
 				
 				tag = '';
 				if (!gagajf.isNull(result.sysFileNm1)) {
@@ -272,8 +272,8 @@
 				}
 				$('#otoQnaLayerReviewPic').html(tag);
 				
-				$('#qnaDetailForm input[name=ansTitle]').val(result.ansTitle);
-				$('#qnaDetailForm textarea[name=ansContent]').val(result.ansContent);
+				$('#qnaDetailForm input[name=ansTitle]').val(result.ansTitle.replaceXSS());
+				$('#qnaDetailForm textarea[name=ansContent]').val(result.ansContent.replaceXSS());
 				cfnGetTextLength($('textarea[name=ansContent]'), 4000, $('#dpLocAnsContent'));
 				
 				$('#qnaDetailForm select[name=assignedCsNo]').val(result.assignedCsNo);
@@ -463,6 +463,12 @@
 		gagaAgGrid.fetch(actionUrl, gridOneToOneCounselOptions);
 	}
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+	 	$('#qnaDetailForm textarea[name=questContent]').val($('#qnaDetailForm textarea[name=questContent]').val().replaceXSS());
+	 	$('#qnaDetailForm input[name=ansTitle]').val($('#qnaDetailForm input[name=ansTitle]').val().replaceXSS());
+	 	$('#qnaDetailForm textarea[name=ansContent]').val($('#qnaDetailForm textarea[name=ansContent]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		cfnGetTextLength($('textarea[name=ansContent]'), 4000, $('#dpLocAnsContent'));
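Review bot: `$('#otoQnaQuestTitle').html(result.questTitle.replaceXSS())` decodes the entity-escaped title a customer typed and then inserts it as HTML, undoing the storage-side escaping exactly where it matters and letting markup in a question title be interpreted in the admin's browser; use `.text(result.questTitle.replaceXSS())`, or keep `.html()` with the still-escaped value. The `.val()` calls on the textarea and input are fine, since `.val()` sets a property rather than parsing markup. `fnUnEscapeHtml` is added but not invoked anywhere in the visible hunks, and it would decode the same three fields a second time after the assignments above; keep either it or the inline `.replaceXSS()` calls, not both.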
 		

+ 12 - 0
src/main/webapp/WEB-INF/views/display/CategoryForm.html

@@ -255,6 +255,7 @@
 		
 		$('#detailForm input:radio[name=dispYn]:input[value=' + event.data.dispYn + ']').click();
 		$('#detailForm input:radio[name=useYn]:input[value=' + event.data.useYn + ']').click();
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	/**
@@ -446,6 +447,17 @@
 		});
 	});
 	
+	String.prototype.replaceXSS = function (){	//XSS변환
+		var str = this;
+		str = str.split(/&lt;/g).join("<");
+		str = str.split(/&gt;/g).join(">");
+		return str;
+	}
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=cateNm]').val($('#detailForm input[name=cateNm]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);
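Review bot: This file redefines `String.prototype.replaceXSS` with only the `&lt;`/`&gt;` pairs; if the shared footer fragment (common/fragments/footer.html) also installs a fuller version of the same prototype method, whichever script runs last silently wins, so category names decode differently depending on script order. Remove the local definition and rely on the shared one, or give the local helper a distinct name. The local copy also lacks the `&amp;` decode, so a category name containing an ampersand stays escaped here while being decoded elsewhere.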

+ 13 - 2
src/main/webapp/WEB-INF/views/display/CategoryGoodsForm.html

@@ -513,7 +513,6 @@
 			, cate4No : $('#searchForm select[name=cate4No]').val()
 			, searchGb : $("#searchForm input[name=searchGb]").val()
 		};
-
 		var jsonData = JSON.stringify(data);
 		gagajf.ajaxJsonSubmit('/display/category/list', jsonData, fnChangeCate);
 	}
@@ -594,7 +593,19 @@
 		$('#searchForm').find('#pageNo').val(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#pgNo').html(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
-		gridOptions.api.setRowData(result.categoryGoodsList);
+		var data = result.categoryGoodsList;
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+	
+			let goodsTnm = item.goodsTnm;
+			let goodsNm = item.goodsNm;
+			
+			item.goodsTnm = goodsTnm.replaceXSS();
+			item.goodsNm = goodsNm.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
 		gagaPaging.createPagination(result.pageing.pageable);
 	}
 

+ 20 - 2
src/main/webapp/WEB-INF/views/display/CategorySearchForm.html

@@ -114,7 +114,7 @@
 	// 조회
 	$('#btnSearchCategoryList').on('click', function() {
 		// Fetch data
-		gagaAgGrid.fetch($('#searchCategoryListForm').prop('action'), categoryGridOptions, '#searchCategoryListForm');
+		gagaAgGrid.fetch($('#searchCategoryListForm').prop('action'), categoryGridOptions, '#searchCategoryListForm',fnChangeGrid);
 	});
 	
 	// 확인
@@ -145,6 +145,17 @@
 			uifnPopupClose('popupCategory');
 		}
 	});
+					
+	var fnChangeGrid = function (){		//XSS 그리드 내 변환		
+		var data = gagaAgGrid.getAllRowData(categoryGridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let cateNm = item.cateNm;
+			item.cateNm = cateNm.replaceXSS();
+			modifyList.push(item);
+		});
+		categoryGridOptions.api.setRowData(modifyList);
+	};
 	
 	$(document).ready(function() {
 		// Create a agGrid
@@ -167,7 +178,14 @@
 		// Fetch data
 		gagaAgGrid.fetch($('#searchCategoryListForm').prop('action'), categoryGridOptions, '#searchCategoryListForm', function(data) {
 			let selLvl = Number($('#searchCategoryListForm input[name=selLvl]').val()) + 1;
-
+			var data = data;
+			let modifyList = [];
+			$.each(data, function(idx, item) {
+				let cateNm = item.cateNm;
+				item.cateNm = cateNm.replaceXSS();
+				modifyList.push(item);
+			});
+			categoryGridOptions.api.setRowData(modifyList);
 			for (let i = 2; i <= 5; i++) {
 				if (i >= selLvl) {
 					$('#selCate' + i).html('<option value="">[카테고리' + (i - 1) + ']</option>');
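Review bot: `var data = data;` in the fetch callback re-declares the callback's own parameter and is a no-op; remove it. The file now decodes category names two ways — the click handler relies on `fnChangeGrid` reading rows back with `getAllRowData`, while the ready-block callback decodes the `data` argument directly — and the second form is simpler because it avoids the read-back and the extra render; pick one and use it for both. `item.cateNm.replaceXSS()` in both places throws for a null name. The enclosing `$(document).ready` block continues past the hunk.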

+ 14 - 0
src/main/webapp/WEB-INF/views/display/LookbookListForm.html

@@ -238,6 +238,7 @@
 		$('#searchForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
 		gridOptions.api.setRowData(result.lookbookList);
 		gagaPaging.createPagination(result.pageing.pageable);
+		fnChangeGrid();	//XSS 그리드 내 변환
 	}
 
 	// 노출안함
@@ -281,6 +282,19 @@
 		$("#searchForm").find("input[name=brandNm]").val(result[0].brandGroupNm);
 		
 	}
+	
+	var fnChangeGrid = function(){ 	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let title = item.title;
+			
+			item.title = title.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	}
 
 	$(document).ready(function() {
 		// Create a agGrid
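Review bot: The grid is rendered twice per fetch: the callback calls `gridOptions.api.setRowData(result.lookbookList)` and then `fnChangeGrid()` reads the rows back with `getAllRowData` and calls `setRowData` again. Decoding `result.lookbookList` before the single `setRowData`, as CategoryGoodsForm does with its `modifyList`, avoids the second render and the dependency on `getAllRowData` returning the rows just set. `fnChangeGrid` also decodes `item.title` without a null guard, and the function expression ends without a semicolon. The callback's opening lines are outside the hunk.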

+ 5 - 0
src/main/webapp/WEB-INF/views/display/PopupListForm.html

@@ -399,6 +399,7 @@
 			}
 			$(".uFileLabel").text('');
 		}
+		fnUnEscapeHtml();
 	}
 
 	/**
@@ -756,6 +757,10 @@
 		}
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#detailForm input[name=linkUrl]').val($('#detailForm input[name=linkUrl]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);
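Review bot: The comment `//XSS 변환` on `fnUnEscapeHtml` says the opposite of what the name says; the helper presumably reverses the entity escaping the server applied so the input shows literal text, and that contract is worth stating where the helper is defined: `// Decode the HTML-escaped value returned by the server so the input shows the literal linkUrl; only for .val(), never for values inserted as HTML`. The same one-line comment fits the fnUnEscapeHtml helpers added in the other views of this commit. The row-binding function that calls it in the first hunk starts outside the hunk.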

+ 23 - 1
src/main/webapp/WEB-INF/views/display/SearchKeywordForm.html

@@ -154,6 +154,7 @@
 			var dispEddt = event.data.dispEddt.replaceAll('-','');
 			$(formId + " input[name=dispEddt]").val(dispEddt.substr(0,4)+"-"+dispEddt.substr(4,2)+"-"+dispEddt.substr(6,2));
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	// 신규 버튼 클릭
@@ -174,7 +175,7 @@
 		$('#searchForm').find('input[name=edDate]').val($('#searchForm').find('input[name=edDate]').val().replaceAll('-',''));
 
 		// Fetch data
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm',fnChangeGrid);
 		$("#btnNew").click();
 	});
 	
@@ -283,6 +284,27 @@
 		gagaKollus.upload('Goods', file, $('input[name=kufKey]'));
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=keyword]').val($('#detailForm input[name=keyword]').val().replaceXSS());
+		$('#detailForm input[name=linkUrl]').val($('#detailForm input[name=linkUrl]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let keyword = item.keyword;
+			let linkUrl = item.linkUrl;
+			
+			item.keyword = keyword.replaceXSS();
+			item.linkUrl = linkUrl.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	};
+	
 	$(document).ready(function() {
 		
 		cfnCreateCalendar('#sellTerms', 'stDate', 'edDate', true, '등록일', true);

+ 31 - 1
src/main/webapp/WEB-INF/views/envset/AnswerPhaseForm.html

@@ -226,11 +226,12 @@
 		$('#detailForm input[name=kakaoCd]').val(event.data.kakaoCd); // 카카오템플릿코드
 		$('#detailForm input[name=buttonNm]').val(event.data.buttonNm); // 카카오버튼명
 		$('#detailForm input[name=buttonUrl]').val(event.data.buttonUrl); // 카카오버튼URL
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
 	$('#btnSearch').on('click', function() {
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm',fnChangeGrid);
 	});
 	
 	// 신규
@@ -265,6 +266,35 @@
 		gagaAgGrid.exportToExcel('답변문구 목록', gridOptions);
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=ansTitle]').val($('#detailForm input[name=ansTitle]').val().replaceXSS());
+		$('#detailForm textarea[name=ansContent]').val($('#detailForm textarea[name=ansContent]').val().replaceXSS());
+		$('#detailForm input[name=kakaoCd]').val($('#detailForm input[name=kakaoCd]').val().replaceXSS());
+		$('#detailForm input[name=buttonNm]').val($('#detailForm input[name=buttonNm]').val().replaceXSS());
+		$('#detailForm input[name=buttonUrl]').val($('#detailForm input[name=buttonUrl]').val().replaceXSS());
+	}
+	
+	var fnChangeGrid = function(){	//그리드 내 XSS변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let ansContent = item.ansContent;
+			let ansTitle = item.ansTitle;
+			let buttonNm = item.buttonNm;
+			let buttonUrl = item.buttonUrl;
+			let kakaoCd = item.kakaoCd;
+			
+			item.ansContent = ansContent.replaceXSS();
+			item.ansTitle = ansTitle.replaceXSS();
+			item.buttonNm = buttonNm.replaceXSS();
+			item.buttonUrl = buttonUrl.replaceXSS();
+			item.kakaoCd = kakaoCd.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	}
+	
 	$(document).ready(function() {
 		gagaAgGrid.createGrid('gridList', gridOptions);
 	});

+ 8 - 0
src/main/webapp/WEB-INF/views/envset/BasicEnvsetForm.html

@@ -486,6 +486,7 @@
 							}
 						}
 					}
+				fnUnEscapeHtml();	//XSS변환
 				});
 
 		// 회원기본설정
@@ -757,6 +758,13 @@
 		oParam.returnName = strReturnName;
 		cfnOpenCouponRetrievePopup($(strReturnName).val(), oParam);
 	}
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('input[name=b10StrSetVal1]').val($('input[name=b10StrSetVal1]').val().replaceXSS());
+		$('input[name=b10StrSetVal2]').val($('input[name=b10StrSetVal2]').val().replaceXSS());
+		$('input[name=b10StrSetVal3]').val($('input[name=b10StrSetVal3]').val().replaceXSS());
+		$('input[name=b10StrSetVal5]').val($('input[name=b10StrSetVal5]').val().replaceXSS());
+	};
 
 	$(document).ready(function() {
 		$('select[name=siteCd]').trigger('change');
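Review bot: The selectors in `fnUnEscapeHtml` (`$('input[name=b10StrSetVal1]')` and the others) are document-wide, unlike the other views in this commit which scope to a form (`$('#detailForm input[name=…]')`); if the page holds a second input with the same name, `.val()` reads the first and `.val(x)` overwrites all of them. Scoping to the settings form, `var $f = $('#FORM_ID_PLACEHOLDER'); $f.find('input[name=b10StrSetVal1]')…`, avoids that — the form id is not visible here, so the name is a placeholder. The `fnUnEscapeHtml();` call in the first hunk is placed inside a callback whose opening is outside the hunk; its indentation suggests it runs after the inner `if` blocks regardless of outcome, which is worth confirming.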

+ 20 - 1
src/main/webapp/WEB-INF/views/goods/ColorForm.html

@@ -210,8 +210,27 @@
 	//조회
 	var fnSearch = function() {
 		var formId = "#searchForm";
-		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId);
+		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId,fnChangeGrid);
 	}
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let colorCd = item.colorCd;
+			let colorEnm = item.colorEnm;
+			let colorKnm = item.colorKnm;
+			let colorFile = item.colorFile;
+			
+			item.colorCd = colorCd.replaceXSS();
+			item.colorEnm = colorEnm.replaceXSS();
+			item.colorKnm = colorKnm.replaceXSS();
+			item.colorFile = colorFile.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	};
 
 	$(document).ready(function() {
 		// Create a agGrid

+ 5 - 0
src/main/webapp/WEB-INF/views/goods/GoodsAdKeywordForm.html

@@ -229,6 +229,7 @@
 
 		// 상품 목록
 		fnGetadKeywordGoodsList(event.data.adKeywordSq);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
@@ -480,6 +481,10 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#goodsAdkeywordForm input[name=adKeyword]').val($('#goodsAdkeywordForm input[name=adKeyword]').val().replaceXSS());
+	};
+
 	$(document).ready(function() {
 		
 		cfnCreateCalendar('#sellTerms', 'stDate', 'edDate', true, '기간', 'X');

+ 5 - 0
src/main/webapp/WEB-INF/views/goods/GoodsContentsForm.html

@@ -357,6 +357,7 @@
 
 		// 상품 목록
 		fnGetContentsGoodsList(event.data.goodsContentsSq);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
@@ -827,6 +828,10 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#goodsContentsForm input[name=goodsContentsTitle]').val($('#goodsContentsForm input[name=goodsContentsTitle]').val().replaceXSS());
+		$('#goodsContentsForm input[name=kmcKey]').val($('#goodsContentsForm input[name=kmcKey]').val().replaceXSS());
+	}
 	$(document).ready(function() {
 		
 		cfnCreateCalendar('#sellTerms', 'stDate', 'edDate', true, '공지일', 'X');

+ 24 - 1
src/main/webapp/WEB-INF/views/goods/GoodsDetailForm.html

@@ -1309,6 +1309,7 @@
 			}
 			//이력
 			fnGoodsDetailHstSearch();
+			fnUnEscapeHtml();	//XSS변환
 
 		}
 
@@ -1370,7 +1371,7 @@
 
 	//이력
 	var fnGoodsDetailHstSearch = function() {
-		gagaAgGrid.fetch("/goods/detail/hst/list?goodsCd=" + $('#goodsDetailForm input[name=goodsCd]').val() , gridGoodsHstoryOptions);
+		gagaAgGrid.fetch("/goods/detail/hst/list?goodsCd=" + $('#goodsDetailForm input[name=goodsCd]').val() , gridGoodsHstoryOptions,null,fnChangeGrid);
 	}
 
 	//정보고시 콜백
@@ -2877,6 +2878,28 @@
 	$("img").on("error", function () {
 		$(this).attr("src",  _uximgUrl+"/image/no.png");
 	});
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+	 	$('#goodsDetailForm input[name=goodsTnm]').val($('#goodsDetailForm input[name=goodsTnm]').val().replaceXSS());
+	 	$('#goodsDetailForm input[name=goodsNm]').val($('#goodsDetailForm input[name=goodsNm]').val().replaceXSS());
+	 	$('#goodsDetailForm input[name=goodsTitlesDesc]').val($('#goodsDetailForm input[name=goodsTitlesDesc]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridGoodsHstoryOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			if(item.goodsTnm != null && item.goodsTnm != undefined && item.goodsTnm != ""){
+			let goodsTnm = item.goodsTnm;
+			let goodsSnm = item. goodsSnm;
+			
+			item.goodsTnm = goodsTnm.replaceXSS();
+			item.goodsSnm = goodsSnm.replaceXSS();
+			}
+			modifyList.push(item);
+		});
+		gridGoodsHstoryOptions.api.setRowData(modifyList);
+	};
 
 	$(document).ready(function() {
 
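Review bot: In `fnChangeGrid` the guard tests only `item.goodsTnm`, but `goodsSnm` is decoded inside the same block, so a history row with a title but no short name throws a TypeError and the history grid is never populated; `item. goodsSnm` also carries a stray space. Guard each field on its own: `if (!gagajf.isNull(item.goodsTnm)) item.goodsTnm = item.goodsTnm.replaceXSS();` and `if (!gagajf.isNull(item.goodsSnm)) item.goodsSnm = item.goodsSnm.replaceXSS();`. The binding function that calls `fnUnEscapeHtml()` in the first hunk starts outside the hunk.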

+ 6 - 1
src/main/webapp/WEB-INF/views/goods/GoodsNoticeForm.html

@@ -251,10 +251,11 @@
 		$('#goodsNoticeForm input[name=noticeTitle]').val(event.data.noticeTitle);
 
 		// 공지내용. Summernote에 값 세팅
-		gagaSn.setContents('#noticeContent', event.data.noticeContent);
+		gagaSn.setContents('#noticeContent', event.data.noticeContent.replaceXSS());
 
 		// 상품 목록
 		fnGetNoticeGoodsList(event.data.noticeSq);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 초기화 클릭시
@@ -590,6 +591,10 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#goodsNoticeForm input[name=noticeTitle]').val($('#goodsNoticeForm input[name=noticeTitle]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		
 		cfnCreateCalendar('#sellTerms', 'stDate', 'edDate', true, '공지일', 'X');
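Review bot: `gagaSn.setContents('#noticeContent', event.data.noticeContent.replaceXSS())` hands the decoded string to Summernote, which renders it as HTML, whereas every other `replaceXSS()` use in this commit writes to an input's `.val()`, which is plain text. If `replaceXSS()` reverses the entity escaping applied server-side (the helper name `fnUnEscapeHtml` suggests so), any markup stored in `noticeContent`, including event-handler attributes, is now parsed live in the administrator's browser, which makes the server-side escaping a no-op for this field. Either keep the escaped form for the editor or pass the decoded string through an allow-list sanitizer (only the tags and attributes the notice editor needs) before `setContents`. GoodsSizeInfoForm does the same with `event.data.sizeInfo.replaceXSS()`. The binding function starts outside the hunk.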

+ 11 - 2
src/main/webapp/WEB-INF/views/goods/GoodsPopupListForm.html

@@ -493,8 +493,17 @@
 			if (typeof item.brandKnm != "undefined" && !gagajf.isNull(item.brandKnm)) item.brandKnm = item.brandKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
 			if (typeof item.brandGroupNm != "undefined" && !gagajf.isNull(item.brandGroupNm)) item.brandGroupNm = item.brandGroupNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
 		});
-
-		popupGoodsGridOptions.api.setRowData(result.goodsList);
+		var data = result.goodsList
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+	
+			let goodsNm = item.goodsNm;
+			
+			item.goodsNm = goodsNm.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		popupGoodsGridOptions.api.setRowData(modifyList);
 		gagaPaging.createPagination(result.pageing.pageable);
 
 	}
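Review bot: The new decode of `goodsNm` has no null guard, while the two existing lines immediately above in the same hunk guard `brandKnm` and `brandGroupNm` with `typeof … != "undefined" && !gagajf.isNull(…)`; a row without `goodsNm` throws from `$.each` and neither the popup grid nor the pagination is set. Apply the same guard, `if (typeof item.goodsNm != "undefined" && !gagajf.isNull(item.goodsNm)) item.goodsNm = item.goodsNm.replaceXSS();`, which also lets the decode join the existing `$.each` instead of a second loop over the same list. `var data = result.goodsList` is missing its semicolon. The callback starts outside the hunk.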

+ 6 - 1
src/main/webapp/WEB-INF/views/goods/GoodsSizeInfoForm.html

@@ -201,12 +201,13 @@
 			$("#sizeInfoForm input[name=sizeCate2Nm]").val(event.data.sizeCate2Nm);
 			$("#sizeInfoForm input[name=sizeCate2Cd]").val(event.data.sizeCate2Cd);
 			$("#sizeInfoForm input[name=dispOrd]").val(event.data.dispOrd);
-			gagaSn.setContents('#sizeInfo', event.data.sizeInfo); 
+			gagaSn.setContents('#sizeInfo', event.data.sizeInfo.replaceXSS()); 
 				
 			$('#sizeInfoForm input[name=sizeGb]').prop('readonly', true);
 			$('#sizeInfoForm input[name=sizeGb]').addClass("formControl");
 			
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 조회
@@ -293,6 +294,10 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS 변환
+		$('#sizeInfoForm input[name=sizeCate2Nm]').val($('#sizeInfoForm input[name=sizeCate2Nm]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		
 		// Create a agGrid

+ 12 - 1
src/main/webapp/WEB-INF/views/goods/GoodsTitleReserveForm.html

@@ -332,7 +332,18 @@
 		$('#goodsTnmListForm').find('#pageNo').val(result.pageing.pageable.pageNo.addComma());
 		$('#goodsTnmListForm').find('#pgNo').html(result.pageing.pageable.pageNo.addComma());
 		$('#goodsTnmListForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
-		gridOptions.api.setRowData(result.goodsTnmList);
+		var data = result.goodsTnmList;		//XSS 그리드 내 변환
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			if(item.goodsTnm != null && item.goodsTnm !=  '' && item.goodsTnm != 'undefined'){
+				let goodsTnm = item.goodsTnm;
+				item.goodsTnm = goodsTnm.replaceXSS();
+			}
+			let regGoodsTnm = item.regGoodsTnm;
+			item.regGoodsTnm = regGoodsTnm.replaceXSS();
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);	
 		gagaPaging.createPagination(result.pageing.pageable);
 	}
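Review bot: The guard `item.goodsTnm != 'undefined'` compares with the string 'undefined'; it is redundant next to `!= null` (which already excludes `undefined` under loose equality) and reads like a bug, and `regGoodsTnm` is then decoded with no guard at all, so a row with an empty `regGoodsTnm` throws and the grid and pagination are never set. Write `if (!gagajf.isNull(item.goodsTnm)) item.goodsTnm = item.goodsTnm.replaceXSS();` and `if (!gagajf.isNull(item.regGoodsTnm)) item.regGoodsTnm = item.regGoodsTnm.replaceXSS();`. ExtmallForm uses the same string comparison in its `fnChangeGrid`. There is a trailing tab after `setRowData(modifyList);`, and the callback starts outside the hunk.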
 	

+ 14 - 1
src/main/webapp/WEB-INF/views/goods/ItemkindBaseForm.html

@@ -196,9 +196,22 @@
 	// 조회
 	var fnSearch = function() {
 		var formId = "#searchForm";
-		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId);
+		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId,fnChangeGrid);
 	}
 	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let itemkindCd = item.itemkindCd;
+
+			item.itemkindCd = itemkindCd.replaceXSS();
+
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList', gridOptions);

+ 16 - 1
src/main/webapp/WEB-INF/views/goods/WmsColorMappingForm.html

@@ -171,8 +171,23 @@
 	//조회
 	var fnSearch = function() {
 		var formId = "#searchForm";
-		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId);
+		gagaAgGrid.fetch($(formId).prop('action'), gridOptions, formId,fnChangeGrid);
 	}
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let wmsColorCd = item.wmsColorCd;
+			let wmsColorNm = item.wmsColorNm;
+
+			item.wmsColorCd = wmsColorCd.replaceXSS();
+			item.wmsColorNm = wmsColorNm.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	};
 
 	$(document).ready(function() {
 		// Create a agGrid

+ 1 - 1
src/main/webapp/WEB-INF/views/marketing/CouponListForm.html

@@ -3,7 +3,7 @@
 	  xmlns:th="http://www.thymeleaf.org">
 <!--
  *******************************************************************************
- * @source  : .html
+ * @source  : CouponListForm.html
  * @desc    : 쿠폰관리 Page
  *============================================================================
  * STYLE24

+ 8 - 1
src/main/webapp/WEB-INF/views/marketing/CouponPopupForm.html

@@ -1887,7 +1887,14 @@
 					xhr.setRequestHeader('Accept'		, 'application/json');
 					xhr.setRequestHeader('Content-Type'	, 'application/json');
 				},
-				success 	: function(result) {
+				success 	: function(result) {zzz
+					var data = result.returnList;
+					let brandList = [];
+					$.each(data, function(idx, item) {
+						let brandEnm = item.brandEnm;
+						item.brandEnm = brandEnm.replaceXSS();
+					brandList.push(item);
+				});
 					if (result != null) {
 						for (let i = 0 ; i < result.returnList.length ; i++) {
 							let addChk = true, gridListValue = gagaAgGrid.getAllRowData(brandGridOptions);		// 받아온 모든 데이터
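Review bot: `success : function(result) {zzz` leaves a bare identifier `zzz` as the first statement of the callback, which throws a ReferenceError the first time the brand search returns, so nothing after it runs; remove it. The added loop also dereferences `result.returnList` before the existing `if (result != null)` check, and it builds `brandList`, which nothing reads — the decode already mutates the items in place. Move the decode inside the null check and drop the unused list: `if (result != null) {` followed by `$.each(result.returnList, function(idx, item) { if (!gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceXSS(); });`. The callback continues outside the hunk.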

+ 2 - 1
src/main/webapp/WEB-INF/views/marketing/CouponPubCustListPopupForm.html

@@ -52,7 +52,8 @@
 		} ,*/
 		{ headerName: "발급사유" , field:"pubReasonNm" , width:200, cellClass:"text-center"} ,
 		{ headerName: "발급상세사유" , field:"pubReasonDtl" , width:200, cellClass:"text-center"} ,
-		{ headerName: "발급인ID" , field:"regNo" , width:100, cellClass:"text-center"} ,
+		{ headerName: "발급인번호" , field:"regNo" , width:100, cellClass:"text-center"} ,
+		{ headerName: "발급인ID" , field:"regId" , width:100, cellClass:"text-center"} ,
 		{ headerName: "발급인" , field:"regNm" , width:100, cellClass:"text-center"} ,
 		{ headerName: "발급시간" , field:"regDt" , width:150, cellClass:"text-center"
 			,valueGetter	: function (params) {

+ 56 - 7
src/main/webapp/WEB-INF/views/marketing/FreeGoodsPromotionRegiForm.html

@@ -604,15 +604,54 @@
 					gridOptionsFreeGoods2List.columnApi.getColumn("limitQty").colDef.editable = false;
 				//}
 			}
-
+			
+			var data = freegift.brandList;
+			let brandList = [];
+			$.each(data, function(idx, item) {
+				let brandEnm = item.brandEnm;
+				item.brandEnm = brandEnm.replaceXSS();
+				brandList.push(item);
+			});
+			
+			var data = freegift.applyGoodsList;
+			let applyGoodsList = [];
+			$.each(data, function(idx, item) {
+				let goodsNm = item.goodsNm;
+				item.goodsNm = goodsNm.replaceXSS();
+				applyGoodsList.push(item);
+			});
+			
+			var data = freegift.exceptGoodsList
+			let exceptGoodsList = [];
+			$.each(data, function(idx, item) {
+				let goodsNm = item.goodsNm;
+				item.goodsNm = goodsNm.replaceXSS();
+				exceptGoodsList.push(item);
+			});
+			
+			var data = freegift.freeGoods1
+			let freeGoods1 = [];
+			$.each(data, function(idx, item) {
+				let goodsNm = item.goodsNm;
+				item.goodsNm = goodsNm.replaceXSS();
+				freeGoods1.push(item);
+			});
+			var data = freegift.freeGoods2
+			let freeGoods2 = [];
+			$.each(data, function(idx, item) {
+				let goodsNm = item.goodsNm;
+				item.goodsNm = goodsNm.replaceXSS();
+				freeGoods2.push(item);
+			});
 			gridOptionsFGExtmallList.api.setRowData(freegift.extmallList);
 			gridOptionsFGCompanyList.api.setRowData(freegift.supplyCompList);
-			gridOptionsFGBrandList.api.setRowData(freegift.brandList);
-			gridOptionsFGApplyGoodsList.api.setRowData(freegift.applyGoodsList);
-			gridOptionsFGExceptGoodsList.api.setRowData(freegift.exceptGoodsList);
-			gridOptionsFreeGoods1List.api.setRowData(freegift.freeGoods1);
-			gridOptionsFreeGoods2List.api.setRowData(freegift.freeGoods2);
+			gridOptionsFGBrandList.api.setRowData(brandList);
+			gridOptionsFGApplyGoodsList.api.setRowData(applyGoodsList);
+			gridOptionsFGExceptGoodsList.api.setRowData(exceptGoodsList);
+			gridOptionsFreeGoods1List.api.setRowData(freeGoods1);
+			gridOptionsFreeGoods2List.api.setRowData(freeGoods2);
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 프로모션 상세 조회
@@ -623,6 +662,10 @@
 
 		cfnAjaxSubmit("/marketing/freegoods/promotion/detail", "json", fnFreeGoodsPromotionSearchCallback, params);
 	}
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#freeGoodsPromotionForm input[name=freegiftNm]').val($('#freeGoodsPromotionForm input[name=freegiftNm]').val().replaceXSS());
+	};
 
 	$(document).ready(function() {
 		gagaAgGrid.createGrid("gridFGExtmallList", gridOptionsFGExtmallList);
@@ -773,6 +816,13 @@
 						xhr.setRequestHeader('Content-Type'	, 'application/json');
 					},
 					success 	: function(result) {
+						var data = result.returnList;
+						let brandList = [];
+						$.each(data, function(idx, item) {
+							let brandEnm = item.brandEnm;
+							item.brandEnm = brandEnm.replaceXSS();
+							brandList.push(item);
+						});
 						if (result != null) {
 							for (let i = 0 ; i < result.returnList.length ; i++) {
 								let addChk = true, gridListValue = gagaAgGrid.getAllRowData(gridOptionsFGBrandList);		// 받아온 모든 데이터
@@ -1296,7 +1346,6 @@
 	var fnFreeGoodsPromotionFormClose = function(){
 		uifnPopupClose('popupFreeGoodsPromotionRegi');
 	}
-
 </script>
 
 <!-- 내부 영역 slide 버튼 모양 생성 -->
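Review bot: The five decode loops in the detail callback each redeclare `var data` (three without a terminating semicolon) and copy into `brandList`, `applyGoodsList`, `exceptGoodsList`, `freeGoods1` and `freeGoods2`, although `replaceXSS()` already mutates the items in place, so the copies hold the same objects the original `setRowData(freegift.*)` lines received; none of the loops guards against a null field. A small helper removes the repetition and adds the guard, and the original `setRowData` lines can stay as they were. The brand-search callback in the third hunk has the same shape and also dereferences `result.returnList` before its `if (result != null)` check. The enclosing callback starts outside the hunk.
```javascript
// Decode one HTML-escaped field on every row; rows are mutated in place.
var fnDecodeField = function(list, field) {
	$.each(list || [], function(idx, item) {
		if (!gagajf.isNull(item[field])) item[field] = item[field].replaceXSS();
	});
};
// … unchanged: limitQty editable handling …
fnDecodeField(freegift.brandList, 'brandEnm');
fnDecodeField(freegift.applyGoodsList, 'goodsNm');
fnDecodeField(freegift.exceptGoodsList, 'goodsNm');
fnDecodeField(freegift.freeGoods1, 'goodsNm');
fnDecodeField(freegift.freeGoods2, 'goodsNm');
gridOptionsFGExtmallList.api.setRowData(freegift.extmallList);
gridOptionsFGCompanyList.api.setRowData(freegift.supplyCompList);
gridOptionsFGBrandList.api.setRowData(freegift.brandList);
// … unchanged: remaining setRowData calls and fnUnEscapeHtml() …
```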

+ 14 - 1
src/main/webapp/WEB-INF/views/marketing/MailTemplateDetailForm.html

@@ -427,6 +427,13 @@
 	var goodsStatList = gagajf.convertToArray([[${goodsStatList}]]);
 	var mtcgGridOptions;
 	var mode = $('#mailTemplateDetailForm input[name=mode]').val();
+	var mtInfo;
+	var useYn;
+	
+	if (mode == 'U') {
+		mtInfo = [[${mtInfo}]];
+		useYn = mtInfo.useYn;
+	}
 	
 	var columnDefs = [
 		{width: 40, minWidth: 40, cellClass: 'text-center', headerCheckboxSelection: true, checkboxSelection: true, filter: false},
@@ -784,7 +791,8 @@
 			cancelBtnText: "취소",
 			sureBtnText: "확인",
 			sureBtnClick: function() {
-				var actionUrl = '/marketing/mailtemplate/delete/' + $('input[name=mailtSq]').val();
+				var actionUrl = '/marketing/mailtemplate/delete/' + $('#mailTemplateDetailForm input[name=mailtSq]').val();
+				mcxDialog.alert(actionUrl);
 				gagajf.ajaxJsonSubmit(actionUrl, null, function() {
 					uifnPopupClose('popupMailTemplateDetail');
 					$('#btnSearch').trigger('click');
@@ -853,6 +861,11 @@
 			$('#mtcorner').show(); // 상품전시코너 영역 노출
 			fnGetMailTemplateCorner(); // 상품전시코너 조회
 		}
+		
+		// 삭제 버튼 처리
+		if (useYn == 'N') {
+			$('#btnDeleteMailTemplate').hide();
+		}
 	});
 /*]]>*/
 </script>
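Review bot: `mcxDialog.alert(actionUrl);` in the delete confirmation handler looks like a debugging leftover — it shows the raw delete URL to the user before the ajax call fires; drop the line. Hiding `#btnDeleteMailTemplate` when `useYn == 'N'` is a client-side convenience only, and the delete endpoint `/marketing/mailtemplate/delete/{mailtSq}` has to enforce the same rule server-side; that check is not visible in this section, so it is worth confirming. `mtInfo = [[${mtInfo}]]` relies on JavaScript inlining producing a JSON literal, as the existing `[[${goodsStatList}]]` line already does. The `$(document).ready` handler in the last hunk starts outside the hunk.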

+ 9 - 0
src/main/webapp/WEB-INF/views/marketing/MorebetterPopupForm.html

@@ -928,6 +928,15 @@
 					xhr.setRequestHeader('Content-Type'	, 'application/json');
 				},
 				success 	: function(result) {
+						var data = result.returnList;
+						let modifyList = [];
+						$.each(data, function(idx, item) {
+							let brandEnm = item.brandEnm;
+							item.brandEnm = brandEnm.replaceXSS();
+							
+							modifyList.push(item);
+						});
+						gridOptionsFGBrandList.api.setRowData(modifyList);
 					if (result != null) {
 						for(let i = 0 ; i < result.returnList.length ; i++) {
 							let addChk = true, gridListValue = gagaAgGrid.getAllRowData(gridOptionsFGBrandList);		// 받아온 모든 데이터
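Review bot: `gridOptionsFGBrandList.api.setRowData(modifyList)` is called before the existing merge loop, which appears to dedupe the returned brands against the grid's current rows via `getAllRowData(gridOptionsFGBrandList)`; with the returned rows already in the grid, every `addChk` test presumably finds a match, and any brands added from an earlier search are discarded. Decode in place and leave the existing `setRowData` path alone: inside the `if (result != null)` block, `$.each(result.returnList, function(idx, item) { if (!gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceXSS(); });`, which also fixes the dereference of `result.returnList` before the null check. The success callback continues outside the hunk.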

+ 25 - 0
src/main/webapp/WEB-INF/views/marketing/PlanCornerListForm.html

@@ -182,6 +182,17 @@
 
 		gagajf.ajaxJsonSubmit(actionUrl, jsonData, function(data) {
 			gridOptionsGoods.api.setRowData(data.planGoodsList);
+			var data = data.planGoodsList;		//XSS 그리드 내 변환
+			let modifyList = [];
+			$.each(data, function(idx, item) {
+
+				let goodsNm = item.goodsNm;
+				
+				item.goodsNm = goodsNm.replaceXSS();
+			
+				modifyList.push(item);
+			});
+			gridOptionsGoods.api.setRowData(modifyList);
 		});
 	}
 
@@ -533,6 +544,20 @@
 		cfnOpenGoodsDispOrdChangePopup('fnConnerGoodsSearch', params);
 	}
 	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptionsGoods);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+
+			let goodsNm = item.goodsNm;
+			
+			item.goodsNm = goodsNm.replaceXSS();
+		
+			modifyList.push(item);
+		});
+		gridOptionsGoods.api.setRowData(modifyList);
+	};
+
 	$(document).ready(function() {
 		gagaAgGrid.createGrid('gridListCorner', gridOptionsCorner);
 		gagaAgGrid.createGrid('gridListGoods', gridOptionsGoods);
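Review bot: In the goods-list callback the original `gridOptionsGoods.api.setRowData(data.planGoodsList)` is kept and a second `setRowData(modifyList)` follows, so the grid renders twice per request and the first render shows the still-escaped names; remove the first call. `var data = data.planGoodsList;` rebinds the callback's parameter to its own property and only works because `var` hoists — a distinct name such as `var goodsList = data.planGoodsList;` is clearer (ShotDeliveryForm has the same rebinding). The new `fnChangeGrid` is not referenced in any visible hunk; if nothing else calls it, it is dead code. `goodsNm` is decoded in both places without a null guard, and the first callback's enclosing function starts outside the hunk.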

+ 9 - 2
src/main/webapp/WEB-INF/views/marketing/PlanListForm.html

@@ -361,8 +361,15 @@
 		$('#planListSearchForm').find('#pageNo').val(result.pageing.pageable.pageNo.addComma());
 		$('#planListSearchForm').find('#pgNo').html(result.pageing.pageable.pageNo.addComma());
 		$('#planListSearchForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
-		gridOptions.api.setRowData(result.planList);
-		
+		var data = result.planList;		//XSS 그리드 내 변환
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let dtlTitle1 = item.dtlTitle1;
+			item.dtlTitle1 = dtlTitle1.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
 		gagaPaging.createPagination(result.pageing.pageable);
 	}
 	

+ 5 - 0
src/main/webapp/WEB-INF/views/marketing/PollListForm.html

@@ -360,6 +360,7 @@
 				cfnOpenModalPopup(actionUrl, 'pollVoteRatePopup');
 			}
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 투표자 조회
@@ -812,6 +813,10 @@
 	$('#btnExcel').on('click', function() {
 		gagaAgGrid.exportToExcel('투표자 목록', gridOptionsVote);
 	});
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#registerForm input[name=pollTitle]').val($('#registerForm input[name=pollTitle]').val().replaceXSS());
+	};
 
 	$(document).ready(function() {
 		

+ 10 - 1
src/main/webapp/WEB-INF/views/marketing/ShotDeliveryForm.html

@@ -249,7 +249,16 @@
 		var jsonData = JSON.stringify(data);
 
 		gagajf.ajaxJsonSubmit(actionUrl, jsonData, function(data) {
-			gridOptionsGoods.api.setRowData(data.brandGoodsList);
+			var data = data.brandGoodsList;		//XSS 그리드 내 변환
+			let modifyList = [];
+			$.each(data, function(idx, item) {
+				let goodsNm = item.goodsNm;
+				
+				item.goodsNm = goodsNm.replaceXSS();
+				
+				modifyList.push(item);
+			});
+			gridOptionsGoods.api.setRowData(modifyList);
 		});
 	}
 	

+ 16 - 2
src/main/webapp/WEB-INF/views/marketing/SocialShoppingListForm.html

@@ -342,6 +342,7 @@
 
 		$('.tabsNav li').eq(0).trigger('click');
 		fnBindDetail(event.data); // 바인딩
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 바인딩
@@ -587,8 +588,16 @@
 		$('#searchForm').find('#pageNo').val(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#pgNo').html(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
-		gridOptions.api.setRowData(result.socialList);
-		
+		var data = result.socialList;		//XSS 그리드 내 변환
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let socialTnm = item.socialTnm;
+			
+			item.socialTnm = socialTnm.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
 		gagaPaging.createPagination(result.pageing.pageable);
 	}
 	
@@ -902,6 +911,11 @@
 		$('#detailForm select[name=planSq]').val(result[0].planSq);
 	}
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=socialNm]').val($('#detailForm input[name=socialNm]').val().replaceXSS());
+		$('#detailForm input[name=socialTnm]').val($('#detailForm input[name=socialTnm]').val().replaceXSS());
+	};
+	
 	$(document).ready(function() {
 		cfnCreateCalendar('#terms', 'stDate', 'edDate', false);
 

+ 28 - 2
src/main/webapp/WEB-INF/views/ocm/ExtmallForm.html

@@ -276,12 +276,12 @@
 		} else {
 			$('#detailForm input:radio[name=delvFeeSumYn]').eq(1).trigger('click');
 		}
-		
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 검색
 	$('#btnSearch').on('click', function() {
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions, '#searchForm',fnChangeGrid);
 	});
 	
 	// 신규버튼
@@ -311,6 +311,32 @@
 	$('#btnExcel').on('click', function() {
 		gagaAgGrid.exportToExcel('제휴몰 목록', gridOptions);
 	});
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=extmallId]').val($('#detailForm input[name=extmallId]').val().replaceXSS());
+		$('#detailForm input[name=extmallUserId]').val($('#detailForm input[name=extmallUserId]').val().replaceXSS());
+		$('#detailForm input[name=extmallNm]').val($('#detailForm input[name=extmallNm]').val().replaceXSS());
+		$('#detailForm input[name=extmallTel]').val($('#detailForm input[name=extmallTel]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//그리드 내 XSS변환
+		var data = gagaAgGrid.getAllRowData(gridOptions);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			if(item.extmallTel != null && item.extmallTel !=  '' && item.extmallTel != 'undefined'){
+				let extmallTel = item.extmallTel;
+				item.extmallTel = extmallTel.replaceXSS();
+			}
+				let extmallId = item.extmallId;
+				let extmallUserId = item.extmallUserId;
+				let extmallNm = item.extmallNm;
+				item.extmallId = extmallId.replaceXSS();
+				item.extmallUserId = extmallUserId.replaceXSS();
+				item.extmallNm = extmallNm.replaceXSS();
+				modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
+	}
 
 	$(document).ready(function() {
 		// Create a agGrid
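Review bot: In `fnChangeGrid` the lines from `let extmallId` through `modifyList.push(item)` are indented as if inside the `if (item.extmallTel …)` block but sit after its closing brace, so the code reads as though id and name decoding depended on a phone number being present; re-indent them one level out. The guard also compares with the string 'undefined' (redundant next to `!= null`), while `extmallId`, `extmallUserId` and `extmallNm` are decoded with no guard at all; a per-field `if (!gagajf.isNull(item.extmallId)) item.extmallId = item.extmallId.replaceXSS();` is safer. The function expression ends without a semicolon. The binding function that calls `fnUnEscapeHtml()` in the first hunk starts outside the hunk.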

+ 100 - 98
src/main/webapp/WEB-INF/views/order/OrderDetailForm.html

@@ -95,8 +95,8 @@
 				</table>
 				<!-- //TABLE -->
 
-				<h4>주문결제내역</h4>
-				<table class="frmStyle">
+				<h4 th:if="${orginalOrdPayInfo != null}">주문결제내역</h4>
+				<table class="frmStyle" th:if="${orginalOrdPayInfo != null}">
 					<colgroup>
 						<col width="10%"/>
 						<col width="10%"/>
@@ -1519,116 +1519,118 @@ $(document).ready(function () {
 // 	$(".pgGbNm").text(pgGbNm);
 // 	$(".cardNm").text(cardGbNm);
 	
-	// 원주문 결제내역 정보
-	$('.totPayAmt').text(orginalOrdPayInfo.totPayAmt.addComma() + '원');
-	$('.ordCurrAmt').text(orginalOrdPayInfo.ordCurrAmt.addComma() + '원');
-	$('.payMeansNm').text(orginalOrdPayInfo.payMeansNm);
-	$('.mainPayAmt').text((orginalOrdPayInfo.realOrdAmt - orginalOrdPayInfo.pgCpnAmt - orginalOrdPayInfo.npayPntAmt).addComma() + '원');
-	$('.payMeansDesc').text(orginalOrdPayInfo.payMeansDesc);
-	$('.realDelvAmt').text(orginalOrdPayInfo.realDelvAmt.addComma() + '원');
-	
-	var delvFeeDesc = '';
-	if (!gagajf.isNull(orginalOrdPayInfo.delvFeeDesc)) delvFeeDesc += '<li>배송비 : ' + orginalOrdPayInfo.delvFeeDesc + '</li>';
-	if (!gagajf.isNull(orginalOrdPayInfo.delvFeeCpnDesc)) delvFeeDesc += '<li>배송비 쿠폰 : ' + orginalOrdPayInfo.delvFeeCpnDesc + '</li>';
-	$('.delvFeeDesc').html(delvFeeDesc);
-	
-	$('.gfcdUseAmt').html('<a href="javascript:void(0);" onclick="fnOrderGiftcardHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.gfcdUseAmt.addComma() + '원</u></a>');
-	
-	var gfcdUseDesc = '';
-	if (parseInt(orginalOrdPayInfo.gfcdUseAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.gfcdUseDesc)) {
-		if (orginalOrdPayInfo.gfcdUseDesc.indexOf('!@!') > -1) {
-			var arrGfcdUseDesc = orginalOrdPayInfo.gfcdUseDesc.split('!@!');
-			for (var j = 0; j < arrGfcdUseDesc.length; j++) {
-				gfcdUseDesc += '<li>' + arrGfcdUseDesc[j] + '</li>\n';
-			}
-		} else {
-			gfcdUseDesc += '<li>' + orginalOrdPayInfo.gfcdUseDesc + '</li>\n';
-		}
-	}
-	$('.gfcdUseDesc').html(gfcdUseDesc);
-	
-	$('.totDcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.totDcAmt) + '원');
-	$('.pntDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderPointHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.pntDcAmt.addComma() + '원</u></a>');
-	$('.cpn1DcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.cpn1DcAmt) + '원');
-	
-	var cpn1CpnDcDesc = '';
-	if (parseInt(orginalOrdPayInfo.cpn1DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.cpn1CpnDcDesc)) {
-		if (orginalOrdPayInfo.cpn1CpnDcDesc.indexOf('!@!') > -1) {
-			var arrCpn1CpnDcDesc = orginalOrdPayInfo.cpn1CpnDcDesc.split('!@!');
-			for (var j = 0; j < arrCpn1CpnDcDesc.length; j++) {
-				cpn1CpnDcDesc += '<li>' + arrCpn1CpnDcDesc[j] + '</li>\n';
+	if (!gagajf.isNull(orginalOrdPayInfo)) {
+		// 원주문 결제내역 정보
+		$('.totPayAmt').text(orginalOrdPayInfo.totPayAmt.addComma() + '원');
+		$('.ordCurrAmt').text(orginalOrdPayInfo.ordCurrAmt.addComma() + '원');
+		$('.payMeansNm').text(orginalOrdPayInfo.payMeansNm);
+		$('.mainPayAmt').text((orginalOrdPayInfo.realOrdAmt - orginalOrdPayInfo.pgCpnAmt - orginalOrdPayInfo.npayPntAmt).addComma() + '원');
+		$('.payMeansDesc').text(orginalOrdPayInfo.payMeansDesc);
+		$('.realDelvAmt').text(orginalOrdPayInfo.realDelvAmt.addComma() + '원');
+		
+		var delvFeeDesc = '';
+		if (!gagajf.isNull(orginalOrdPayInfo.delvFeeDesc)) delvFeeDesc += '<li>배송비 : ' + orginalOrdPayInfo.delvFeeDesc + '</li>';
+		if (!gagajf.isNull(orginalOrdPayInfo.delvFeeCpnDesc)) delvFeeDesc += '<li>배송비 쿠폰 : ' + orginalOrdPayInfo.delvFeeCpnDesc + '</li>';
+		$('.delvFeeDesc').html(delvFeeDesc);
+		
+		$('.gfcdUseAmt').html('<a href="javascript:void(0);" onclick="fnOrderGiftcardHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.gfcdUseAmt.addComma() + '원</u></a>');
+		
+		var gfcdUseDesc = '';
+		if (parseInt(orginalOrdPayInfo.gfcdUseAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.gfcdUseDesc)) {
+			if (orginalOrdPayInfo.gfcdUseDesc.indexOf('!@!') > -1) {
+				var arrGfcdUseDesc = orginalOrdPayInfo.gfcdUseDesc.split('!@!');
+				for (var j = 0; j < arrGfcdUseDesc.length; j++) {
+					gfcdUseDesc += '<li>' + arrGfcdUseDesc[j] + '</li>\n';
+				}
+			} else {
+				gfcdUseDesc += '<li>' + orginalOrdPayInfo.gfcdUseDesc + '</li>\n';
 			}
-		} else {
-			cpn1CpnDcDesc += '<li>' + orginalOrdPayInfo.cpn1CpnDcDesc + '</li>\n';
 		}
-	}
-	$('.cpn1CpnDcDesc').html(cpn1CpnDcDesc);
-	
-	$('.pgCpnAmt').text(orginalOrdPayInfo.pgCpnAmt.addComma() + '원');
-	$('.tmtbDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderTmtbHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtbDcAmt) + '원</u></span></a>');
-	if (parseInt(orginalOrdPayInfo.tmtbDcAmt) > 0) {
-		var tmtb1Desc = '';
-		if (parseInt(orginalOrdPayInfo.tmtb1DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.tmtb1Desc)) {
-			if (orginalOrdPayInfo.tmtb1Desc.indexOf('!@!') > -1) {
-				var arrTmtb1Desc = orginalOrdPayInfo.tmtb1Desc.split('!@!');
-				for (var j = 0; j < arrTmtb1Desc.length; j++) {
-					tmtb1Desc += arrTmtb1Desc[j];
+		$('.gfcdUseDesc').html(gfcdUseDesc);
+		
+		$('.totDcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.totDcAmt) + '원');
+		$('.pntDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderPointHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.pntDcAmt.addComma() + '원</u></a>');
+		$('.cpn1DcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.cpn1DcAmt) + '원');
+		
+		var cpn1CpnDcDesc = '';
+		if (parseInt(orginalOrdPayInfo.cpn1DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.cpn1CpnDcDesc)) {
+			if (orginalOrdPayInfo.cpn1CpnDcDesc.indexOf('!@!') > -1) {
+				var arrCpn1CpnDcDesc = orginalOrdPayInfo.cpn1CpnDcDesc.split('!@!');
+				for (var j = 0; j < arrCpn1CpnDcDesc.length; j++) {
+					cpn1CpnDcDesc += '<li>' + arrCpn1CpnDcDesc[j] + '</li>\n';
 				}
 			} else {
-				tmtb1Desc += orginalOrdPayInfo.tmtb1Desc;
+				cpn1CpnDcDesc += '<li>' + orginalOrdPayInfo.cpn1CpnDcDesc + '</li>\n';
 			}
 		}
-		var tmtb2Desc = '';
-		if (parseInt(orginalOrdPayInfo.tmtb2DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.tmtb2Desc)) {
-			if (orginalOrdPayInfo.tmtb2Desc.indexOf('!@!') > -1) {
-				var arrTmtb2Desc = orginalOrdPayInfo.tmtb2Desc.split('!@!');
-				for (var j = 0; j < arrTmtb2Desc.length; j++) {
-					tmtb2Desc += arrTmtb2Desc[j];
+		$('.cpn1CpnDcDesc').html(cpn1CpnDcDesc);
+		
+		$('.pgCpnAmt').text(orginalOrdPayInfo.pgCpnAmt.addComma() + '원');
+		$('.tmtbDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderTmtbHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtbDcAmt) + '원</u></span></a>');
+		if (parseInt(orginalOrdPayInfo.tmtbDcAmt) > 0) {
+			var tmtb1Desc = '';
+			if (parseInt(orginalOrdPayInfo.tmtb1DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.tmtb1Desc)) {
+				if (orginalOrdPayInfo.tmtb1Desc.indexOf('!@!') > -1) {
+					var arrTmtb1Desc = orginalOrdPayInfo.tmtb1Desc.split('!@!');
+					for (var j = 0; j < arrTmtb1Desc.length; j++) {
+						tmtb1Desc += arrTmtb1Desc[j];
+					}
+				} else {
+					tmtb1Desc += orginalOrdPayInfo.tmtb1Desc;
 				}
-			} else {
-				tmtb2Desc += orginalOrdPayInfo.tmtb2Desc;
 			}
+			var tmtb2Desc = '';
+			if (parseInt(orginalOrdPayInfo.tmtb2DcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.tmtb2Desc)) {
+				if (orginalOrdPayInfo.tmtb2Desc.indexOf('!@!') > -1) {
+					var arrTmtb2Desc = orginalOrdPayInfo.tmtb2Desc.split('!@!');
+					for (var j = 0; j < arrTmtb2Desc.length; j++) {
+						tmtb2Desc += arrTmtb2Desc[j];
+					}
+				} else {
+					tmtb2Desc += orginalOrdPayInfo.tmtb2Desc;
+				}
+			}
+			var tmtbDcDesc = '<li>수량 할인 : ' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtb1DcAmt) + '원' + (!gagajf.isNull(tmtb1Desc) ? " (" : "") + tmtb1Desc + (!gagajf.isNull(tmtb1Desc) ? ")" : "") + '</li>';
+			tmtbDcDesc += '<li>금액 할인 : ' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtb2DcAmt) + '원' + (!gagajf.isNull(tmtb2Desc) ? " (" : "") + tmtb2Desc + (!gagajf.isNull(tmtb2Desc) ? ")" : "") + '</li>';
+			$(".tmtbDcDesc").html(tmtbDcDesc);
 		}
-		var tmtbDcDesc = '<li>수량 할인 : ' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtb1DcAmt) + '원' + (!gagajf.isNull(tmtb1Desc) ? " (" : "") + tmtb1Desc + (!gagajf.isNull(tmtb1Desc) ? ")" : "") + '</li>';
-		tmtbDcDesc += '<li>금액 할인 : ' + getZeroMinusDelAmt(orginalOrdPayInfo.tmtb2DcAmt) + '원' + (!gagajf.isNull(tmtb2Desc) ? " (" : "") + tmtb2Desc + (!gagajf.isNull(tmtb2Desc) ? ")" : "") + '</li>';
-		$(".tmtbDcDesc").html(tmtbDcDesc);
-	}
-	
-	$('.npayPntAmt').text(orginalOrdPayInfo.npayPntAmt.addComma() + '원');
-	$('.npayPntDesc').text(orginalOrdPayInfo.npayPntDesc);
-	$('.goodsCpnDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderCouponHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.goodsCpnDcAmt) + '원</u></span></a>');
-	
-	var goodsCpnDcDesc = '';
-	if (parseInt(orginalOrdPayInfo.goodsCpnDcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.goodsCpnDcDesc)) {
-		if (orginalOrdPayInfo.goodsCpnDcDesc.indexOf('!@!') > -1) {
-			var arrGoodsCpnDcDesc = orginalOrdPayInfo.goodsCpnDcDesc.split('!@!');
-			for (var j = 0; j < arrGoodsCpnDcDesc.length; j++) {
-				goodsCpnDcDesc += '<li>' + arrGoodsCpnDcDesc[j] + '</li>\n';
+		
+		$('.npayPntAmt').text(orginalOrdPayInfo.npayPntAmt.addComma() + '원');
+		$('.npayPntDesc').text(orginalOrdPayInfo.npayPntDesc);
+		$('.goodsCpnDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderCouponHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.goodsCpnDcAmt) + '원</u></span></a>');
+		
+		var goodsCpnDcDesc = '';
+		if (parseInt(orginalOrdPayInfo.goodsCpnDcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.goodsCpnDcDesc)) {
+			if (orginalOrdPayInfo.goodsCpnDcDesc.indexOf('!@!') > -1) {
+				var arrGoodsCpnDcDesc = orginalOrdPayInfo.goodsCpnDcDesc.split('!@!');
+				for (var j = 0; j < arrGoodsCpnDcDesc.length; j++) {
+					goodsCpnDcDesc += '<li>' + arrGoodsCpnDcDesc[j] + '</li>\n';
+				}
+			} else {
+				goodsCpnDcDesc += '<li>' + orginalOrdPayInfo.goodsCpnDcDesc + '</li>\n';
 			}
-		} else {
-			goodsCpnDcDesc += '<li>' + orginalOrdPayInfo.goodsCpnDcDesc + '</li>\n';
 		}
-	}
-	$('.goodsCpnDcDesc').html(goodsCpnDcDesc);
-	
-	$('.savePntAmt').html('<a href="javascript:void(0);" onclick="fnOrderPointHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.savePntAmt.addComma() + '</u>원</a>');
-	$('.cartCpnDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderCouponHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.cartCpnDcAmt) + '원</u></span></a>');
-	
-	var cartCpnDcDesc = '';
-	if (parseInt(orginalOrdPayInfo.cartCpnDcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.cartCpnDcDesc)) {
-		if (orginalOrdPayInfo.cartCpnDcDesc.indexOf('!@!') > -1) {
-			var arrCartCpnDcDesc = orginalOrdPayInfo.cartCpnDcDesc.split('!@!');
-			for (var j = 0; j < arrCartCpnDcDesc.length; j++) {
-				cartCpnDcDesc += '<li>' + arrCartCpnDcDesc[j] + '</li>\n';
+		$('.goodsCpnDcDesc').html(goodsCpnDcDesc);
+		
+		$('.savePntAmt').html('<a href="javascript:void(0);" onclick="fnOrderPointHst(' + ordNo + ');"><u>' + orginalOrdPayInfo.savePntAmt.addComma() + '</u>원</a>');
+		$('.cartCpnDcAmt').html('<a href="javascript:void(0);" onclick="fnOrderCouponHst(' + ordNo + ');"><span class="cRed"><u>' + getZeroMinusDelAmt(orginalOrdPayInfo.cartCpnDcAmt) + '원</u></span></a>');
+		
+		var cartCpnDcDesc = '';
+		if (parseInt(orginalOrdPayInfo.cartCpnDcAmt) > 0 && !gagajf.isNull(orginalOrdPayInfo.cartCpnDcDesc)) {
+			if (orginalOrdPayInfo.cartCpnDcDesc.indexOf('!@!') > -1) {
+				var arrCartCpnDcDesc = orginalOrdPayInfo.cartCpnDcDesc.split('!@!');
+				for (var j = 0; j < arrCartCpnDcDesc.length; j++) {
+					cartCpnDcDesc += '<li>' + arrCartCpnDcDesc[j] + '</li>\n';
+				}
+			} else {
+				cartCpnDcDesc += '<li>' + orginalOrdPayInfo.cartCpnDcDesc + '</li>\n';
 			}
-		} else {
-			cartCpnDcDesc += '<li>' + orginalOrdPayInfo.cartCpnDcDesc + '</li>\n';
 		}
+		$('.cartCpnDcDesc').html(cartCpnDcDesc);
+		
+		$('.cashReceipReqYn').text(orginalOrdPayInfo.cashReceipReqYn);
+		$('.prePntDcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.prePntDcAmt) + '원');
 	}
-	$('.cartCpnDcDesc').html(cartCpnDcDesc);
-	
-	$('.cashReceipReqYn').text(orginalOrdPayInfo.cashReceipReqYn);
-	$('.prePntDcAmt').text(getZeroMinusDelAmt(orginalOrdPayInfo.prePntDcAmt) + '원');
 });
 </script>
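Review bot: The description fields now inside the `if (!gagajf.isNull(orginalOrdPayInfo))` guard — `delvFeeDesc`, `gfcdUseDesc`, `cpn1CpnDcDesc`, `goodsCpnDcDesc`, `cartCpnDcDesc` — are still concatenated into `<li>` strings and written with `.html()` with no escaping, while the neighbouring amount fields go through `.text()`. If those descriptions carry admin- or customer-entered text (coupon or gift-card titles, for instance) this is a stored-XSS sink that the guard does not address; building each item as `$('<li>').text(...)` or escaping before concatenation keeps the list markup while rendering the value literally. The `ordNo` interpolated into the inline `onclick="fnOrderPointHst(' + ordNo + ')"` handlers should likewise be confirmed numeric before it reaches the string. The enclosing `$(document).ready` handler starts before this hunk.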
 

+ 10 - 1
src/main/webapp/WEB-INF/views/shoplinker/ShoplinkerStockForm.html

@@ -271,7 +271,16 @@
 		$('#searchForm').find('#pageNo').val(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#pgNo').html(result.pageing.pageable.pageNo.addComma());
 		$('#searchForm').find('#endPgNo').html(result.pageing.pageable.totalPage.addComma());
-		gridOptions.api.setRowData(result.stockList);
+		var data = result.stockList;		//XSS 그리드 내 변환
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let apiMessage = item.apiMessage;
+			
+			item.apiMessage = apiMessage.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions.api.setRowData(modifyList);
 		gagaPaging.createPagination(result.pageing.pageable);
 
 	}
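Review bot: `apiMessage.replaceXSS()` runs with no null check, so a stock row whose `apiMessage` is null or absent throws inside `$.each`, and because `setRowData` and `createPagination` come after the loop the whole page of results and the pager are lost, not just that cell. Guard it the way the phone field is guarded elsewhere in this commit, `if (!gagajf.isNull(item.apiMessage)) item.apiMessage = item.apiMessage.replaceXSS();`, and pass `data` straight to `setRowData` — `modifyList` is the same array rebuilt. The surrounding callback starts before this hunk.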

+ 38 - 2
src/main/webapp/WEB-INF/views/system/BatchForm.html

@@ -288,6 +288,7 @@
 		
 		// 배치로그 조회
 		fnGetBatchLogByBatchId(event.data.batchId);
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	// 배치 실행
@@ -318,8 +319,8 @@
 	// 조회
 	$('#btnSearch').on('click', function() {
 		// Fetch data
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions1, '#searchForm');
-		gagaAgGrid.fetch('/system/batch/log/list', gridOptions2, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions1, '#searchForm',fnChangeGrid);
+		gagaAgGrid.fetch('/system/batch/log/list', gridOptions2, '#searchForm',fnChangeGrid1);
 	});
 
 	// 신규
@@ -361,6 +362,41 @@
 		$('#searchForm input[name=batchId]').val(batchId);
 		gagaAgGrid.fetch('/system/batch/log/list', gridOptions2, '#searchForm');
 	}
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=batchNm]').val($('#detailForm input[name=batchNm]').val().replaceXSS());
+		$('#detailForm textarea[name=batchDesc]').val($('#detailForm textarea[name=batchDesc]').val().replaceXSS());
+		$('#detailForm input[name=batchUrl]').val($('#detailForm input[name=batchUrl]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions1);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let batchNm = item.batchNm;
+			let batchUrl = item.batchUrl;
+
+			
+			item.batchNm = batchNm.replaceXSS();
+			item.batchUrl = batchUrl.replaceXSS();
+
+			modifyList.push(item);
+		});
+		gridOptions1.api.setRowData(modifyList);
+	};
+	
+	var fnChangeGrid1 = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions2);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let batchNm = item.batchNm;
+
+			item.batchNm = batchNm.replaceXSS();
+
+			modifyList.push(item);
+		});
+		gridOptions2.api.setRowData(modifyList);
+	};
 
 	$(document).ready(function() {
 		cfnCreateCalendar('#terms', 'batchStdt', 'batchEddt');
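Review bot: `fnGetBatchLogByBatchId` (the context line just above the new helpers) still calls `gagaAgGrid.fetch('/system/batch/log/list', gridOptions2, '#searchForm')` without `fnChangeGrid1`, so the log grid is decoded when the search button is used but not when a batch row is clicked, and the same `batchNm` renders differently on the two paths. Add the callback there too: `gagaAgGrid.fetch('/system/batch/log/list', gridOptions2, '#searchForm', fnChangeGrid1);`. Both `fnChangeGrid` helpers also dereference `batchNm`/`batchUrl` with no null check, so one row with a missing value aborts the loop before `setRowData`. The stray blank lines around the assignments inside `fnChangeGrid` are noise.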

+ 39 - 2
src/main/webapp/WEB-INF/views/system/CommoncodeForm.html

@@ -168,6 +168,7 @@
 			return;
 
 		fnBindDetail(event.data, 1);
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	gridOptions2.onCellClicked = function(event) {
@@ -175,6 +176,7 @@
 			return;
 
 		fnBindDetail(event.data, 2);
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	// 목록 > row 클릭 시
@@ -208,7 +210,7 @@
 		let actionUrl = $('#searchForm').prop('action') + '?' + $('#searchForm').serialize();
 		
 		// Fetch data
-		gagaAgGrid.fetch(actionUrl, gridOptions1);
+		gagaAgGrid.fetch(actionUrl, gridOptions1,null,fnChangeGrid);
 	});
 	
 	// 상세코드 조회
@@ -216,7 +218,7 @@
 	let fnGetDetailCode = function(cd) {
 		gCd = cd;
 		let actionUrl = $('#searchForm').prop('action') + '?cdGb=' + cd;
-		gagaAgGrid.fetch(actionUrl, gridOptions2);
+		gagaAgGrid.fetch(actionUrl, gridOptions2,null,fnChangeGrid1);
 	}
 	
 	// 신규
@@ -245,6 +247,41 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=cd]').val($('#detailForm input[name=cd]').val().replaceXSS());
+		$('#detailForm input[name=cdNm]').val($('#detailForm input[name=cdNm]').val().replaceXSS());
+		$('#detailForm textarea[name=cdDesc]').val($('#detailForm textarea[name=cdDesc]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions1);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let cdNm = item.cdNm;
+			
+			item.cdNm = cdNm.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions1.api.setRowData(modifyList);
+	};
+	
+	var fnChangeGrid1 = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions2);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			
+			let cdNm = item.cdNm;
+			let cdDesc = item.cdDesc;
+			
+			item.cdNm = cdNm.replaceXSS();
+			item.cdDesc = cdDesc.replaceXSS();
+			
+			modifyList.push(item);
+		});
+		gridOptions2.api.setRowData(modifyList);
+	};
+	
 	$(document).ready(function() {
 		// Create a agGrid
 		gagaAgGrid.createGrid('gridList1', gridOptions1);
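Review bot: `fnChangeGrid1` calls `cdDesc.replaceXSS()` unguarded, but a code description is exactly the kind of optional field that is commonly null; one such row throws inside `$.each` and `gridOptions2.api.setRowData(modifyList)` is never reached, so the detail-code grid silently keeps its previous contents. Wrap each decode in a null check, `if (!gagajf.isNull(item.cdDesc)) item.cdDesc = item.cdDesc.replaceXSS();`, and do the same for `cdNm` in both helpers. `fnUnEscapeHtml` also decodes the `cd` key itself; if `cd` is a code identifier rather than free text, decoding it is unnecessary and deserves a comment explaining why it was included.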

+ 6 - 0
src/main/webapp/WEB-INF/views/system/MenuForm.html

@@ -329,6 +329,7 @@
 			return;
 
 		fnBindDetail(event.data);
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	// 조회
@@ -500,6 +501,11 @@
 			}
 		});
 	});
+
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=menuNm]').val($('#detailForm input[name=menuNm]').val().replaceXSS());
+		$('#detailForm input[name=menuUrl]').val($('#detailForm input[name=menuUrl]').val().replaceXSS());
+	};
 	
 	$(document).ready(function() {
 		// Create a agGrid
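Review bot: Unlike the other forms in this commit, `MenuForm` gains `fnUnEscapeHtml` for the detail inputs but no `fnChangeGrid` counterpart for the list, so `menuNm` would still show encoded entities in the grid while the detail form shows decoded text — unless the menu grid is filled through a path not visible here. If it is loaded via `gagaAgGrid.fetch`, pass a decode callback as the other forms do. `menuUrl` is decoded into an input that is presumably re-submitted on save; that round trip is only correct if the server re-encodes on write, which should be confirmed so a value is not decoded twice, and `.val()` returns undefined when the selector matches nothing, so the chained `.replaceXSS()` would throw in that case.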

+ 5 - 0
src/main/webapp/WEB-INF/views/system/SampleFileForm.html

@@ -139,6 +139,7 @@
 		}
 		
 		$('#detailForm input:checkbox[name=chkUseYn]').attr('readonly', false);
+		fnUnEscapeHtml();	//XSS변환
 	}
 
 	// 조회
@@ -204,6 +205,10 @@
 				}
 		);
 	});
+	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=sampleFileNm]').val($('#detailForm input[name=sampleFileNm]').val().replaceXSS());
+	};
 
 	$(document).ready(function() {
 		// Create a agGrid
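Review bot: `fnUnEscapeHtml` here is the sixth hand-copied variant of the same helper in this commit (AflinkForm, BatchForm, CommoncodeForm, MenuForm, SystemAlarmForm), each differing only in the field list. A single shared helper next to `replaceXSS`, e.g. `cfnUnescapeFields('#detailForm', ['sampleFileNm'])`, would keep the null handling and the set of decoded fields in one place; as written, `.val()` returning undefined for a missing input throws in every copy. Decoding a file name for display is fine, but the decoded value should not be the one used to build a download or storage path — confirm the save/download handlers use the server-side name.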

+ 37 - 2
src/main/webapp/WEB-INF/views/system/SystemAlarmForm.html

@@ -198,16 +198,17 @@
 			// 수신자 목록
 			fnSearchReceiverList();
 		}
+		fnUnEscapeHtml();	//XSS변환
 	}
 	
 	$('#btnSearch').on('click', function() {
-		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions1, '#searchForm');
+		gagaAgGrid.fetch($('#searchForm').prop('action'), gridOptions1, '#searchForm',fnChangeGrid);
 	});
 	
 	// 수신자 목록 조회
 	var fnSearchReceiverList = function() {
 		let actionUrl = '/system/alarm/receiver/list/' + $('#detailForm input[name=alarmId]').val();
-		gagaAgGrid.fetch(actionUrl, gridOptions2);
+		gagaAgGrid.fetch(actionUrl, gridOptions2,null,fnChangeGrid1);
 	}
 	
 	// 신규
@@ -319,6 +320,40 @@
 		});
 	});
 	
+	var fnUnEscapeHtml = function(){	//XSS변환
+		$('#detailForm input[name=alarmTitle]').val($('#detailForm input[name=alarmTitle]').val().replaceXSS());
+		$('#detailForm input[name=alarmMsg]').val($('#detailForm input[name=alarmMsg]').val().replaceXSS());
+	};
+	
+	var fnChangeGrid = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions1);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let alarmTitle = item.alarmTitle;
+			let alarmMsg = item.alarmMsg;
+
+			
+			item.alarmTitle = alarmTitle.replaceXSS();
+			item.alarmMsg = alarmMsg.replaceXSS();
+
+			modifyList.push(item);
+		});
+		gridOptions1.api.setRowData(modifyList);
+	};
+	
+	var fnChangeGrid1 = function(){	//XSS 그리드 내 변환
+		var data = gagaAgGrid.getAllRowData(gridOptions2);
+		let modifyList = [];
+		$.each(data, function(idx, item) {
+			let receiverNm = item.receiverNm;
+			
+			item.receiverNm = receiverNm.replaceXSS();
+
+			modifyList.push(item);
+		});
+		gridOptions2.api.setRowData(modifyList);
+	};
+	
 	$(document).ready(function() {
 		gagaAgGrid.createGrid('gridList1', gridOptions1);
 		gagaAgGrid.createGrid('gridList2', gridOptions2);
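Review bot: `fnChangeGrid` decodes `alarmTitle` and `alarmMsg`, and `fnChangeGrid1` decodes `receiverNm`, with no null guard; an alarm saved without a message or a receiver without a name throws inside `$.each` and the grid is never refreshed. Use the same guard the phone field gets in AflinkForm, `if (!gagajf.isNull(item.alarmMsg)) item.alarmMsg = item.alarmMsg.replaceXSS();`. `alarmMsg` is text that presumably gets delivered through some notification channel; decoding it for the admin grid is fine as long as that channel never takes the decoded string from this page, so a one-line comment on `fnUnEscapeHtml` saying the decoded form is for display only would help the next maintainer.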

+ 6 - 0
src/main/webapp/WEB-INF/views/withdraw/RefundRegisterListForm.html

@@ -488,6 +488,12 @@
 			}
 		});
 	};
+
+	// 주문자연락처 하이픈 처리
+	$('#ordPhnno').on('input keyup keydown paste change', function () {
+		cfnCellPhonnHypen(this);
+	});
+
 /*]]>*/
 </script>
 </html>
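Review bot: The handler is bound to `keydown` as well as `input`, but on `keydown` the pressed character has not been inserted yet, so `cfnCellPhonnHypen(this)` reformats the stale value and then runs again on `input`; `paste` likewise fires before the pasted text lands, and `keyup`/`change` are redundant once `input` is bound. Binding on `'input'` alone, `$('#ordPhnno').on('input', function () { cfnCellPhonnHypen(this); });`, covers typing, paste and autofill in one call. The hyphenated value is presumably what gets submitted; confirm the server side strips the hyphens before matching stored numbers.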

+ 1 - 0
src/main/webapp/ux/js/admin.ui.js

@@ -45,6 +45,7 @@ function uifnPopupOpen(id){
 	if ($fisrtChild.hasClass("modelessPopup")){
 		let popL = parseInt($fisrtChild.css("left")) - popW/2;
 		let popT = parseInt($fisrtChild.css("top")) - popH/2;
+		popT += $(window).scrollTop();
 		$fisrtChild.css({left:popL, top:popT});
 	};
 

+ 12 - 12
src/main/webapp/ux/plugins/gaga/gaga.agGrid.js

@@ -1008,12 +1008,12 @@ var gagaAgGrid = {
 					try {
 						// 태그 치환
 						$(data).each(function(idx, item) {
-							if (typeof item.brandEnm != "undefined" && !gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandKnm != "undefined" && !gagajf.isNull(item.brandKnm)) item.brandKnm = item.brandKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupNm != "undefined" && !gagajf.isNull(item.brandGroupNm)) item.brandGroupNm = item.brandGroupNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupKnm != "undefined" && !gagajf.isNull(item.brandGroupKnm)) item.brandGroupKnm = item.brandGroupKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupEnm != "undefined" && !gagajf.isNull(item.brandGroupEnm)) item.brandGroupEnm = item.brandGroupEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.goodsNm != "undefined" && !gagajf.isNull(item.goodsNm)) item.goodsNm = item.goodsNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandEnm != "undefined" && !gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandKnm != "undefined" && !gagajf.isNull(item.brandKnm)) item.brandKnm = item.brandKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupNm != "undefined" && !gagajf.isNull(item.brandGroupNm)) item.brandGroupNm = item.brandGroupNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupKnm != "undefined" && !gagajf.isNull(item.brandGroupKnm)) item.brandGroupKnm = item.brandGroupKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupEnm != "undefined" && !gagajf.isNull(item.brandGroupEnm)) item.brandGroupEnm = item.brandGroupEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.goodsNm != "undefined" && !gagajf.isNull(item.goodsNm)) item.goodsNm = item.goodsNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
 						});
 
 						gridOptions.api.setRowData(data);
@@ -1057,12 +1057,12 @@ var gagaAgGrid = {
 					try {
 						// 태그 치환
 						$(data).each(function(idx, item) {
-							if (typeof item.brandEnm != "undefined" && !gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandKnm != "undefined" && !gagajf.isNull(item.brandKnm)) item.brandKnm = item.brandKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupNm != "undefined" && !gagajf.isNull(item.brandGroupNm)) item.brandGroupNm = item.brandGroupNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupKnm != "undefined" && !gagajf.isNull(item.brandGroupKnm)) item.brandGroupKnm = item.brandGroupKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.brandGroupEnm != "undefined" && !gagajf.isNull(item.brandGroupEnm)) item.brandGroupEnm = item.brandGroupEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
-							if (typeof item.goodsNm != "undefined" && !gagajf.isNull(item.goodsNm)) item.goodsNm = item.goodsNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandEnm != "undefined" && !gagajf.isNull(item.brandEnm)) item.brandEnm = item.brandEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandKnm != "undefined" && !gagajf.isNull(item.brandKnm)) item.brandKnm = item.brandKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupNm != "undefined" && !gagajf.isNull(item.brandGroupNm)) item.brandGroupNm = item.brandGroupNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupKnm != "undefined" && !gagajf.isNull(item.brandGroupKnm)) item.brandGroupKnm = item.brandGroupKnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.brandGroupEnm != "undefined" && !gagajf.isNull(item.brandGroupEnm)) item.brandGroupEnm = item.brandGroupEnm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
+							if (typeof item.goodsNm != "undefined" && !gagajf.isNull(item.goodsNm)) item.goodsNm = item.goodsNm.replaceAll('&amp;', '&').replaceAll('&gt;', '>').replaceAll('&lt;', '<').replaceAll('&nbsp;', ' ');
 						});
 
 						gridOptions.api.setRowData(data);
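Review bot: Fixing `'&lt'` to `'&lt;'` is right, but the chain still decodes `&amp;` first, so a stored value whose text literally contained `&lt;` — encoded on the server as `&amp;lt;` — becomes `&lt;` and then `<` in the same pass, a double decode that turns escaped markup back into a tag. Entity decoding must replace `&amp;` last: `.replaceAll('&lt;', '<').replaceAll('&gt;', '>').replaceAll('&nbsp;', ' ').replaceAll('&amp;', '&')`. The same six-line chain is now copied twice in this file (and the views' `replaceXSS` appears to do the same job), so one shared decode function taking the field list would make the ordering mistake impossible to reintroduce. This decoding is only safe while those columns render as text in ag-Grid; any cellRenderer returning HTML for `goodsNm` or the brand names would inject the decoded value.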