유의사항 escape

src/main/webapp/WEB-INF/views/mob/planning/PlanningDetailFormMob.html

@@ -464,7 +464,7 @@ if (notice.length>0) {
 	html += '	<div class="announce_list">';
 	html += '		<ul>';
 	$.each(notice, function(idx, item)  {
-	html += '			<li>' +item.itemVal+ '</li>';
+	html += '			<li>' +item.itemVal.escapeHtml();+ '</li>';
 	});
 	html += '		</ul>';
 	html += '	</div>';
@@ -931,23 +931,23 @@ if(template.length>0){
 			html += '			<ul>\n';
 			html += '                  <li>' + couponContent[0].cpnNote0 +'</li>\n';
 			if(couponContent[0].cpnNote1 != null && couponContent[0].cpnNote1 != '')
-				html += '                  <li>' + couponContent[0].cpnNote1 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote1.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote2 != null && couponContent[0].cpnNote2 != '')
-				html += '                  <li>' + couponContent[0].cpnNote2 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote2.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote3 != null && couponContent[0].cpnNote3 != '')
-				html += '                  <li>' + couponContent[0].cpnNote3 +'</li>\n';	
+				html += '                  <li>' + couponContent[0].cpnNote3.escapeHtml(); +'</li>\n';	
 			if(couponContent[0].cpnNote4 != null && couponContent[0].cpnNote4 != '')
-				html += '                  <li>' + couponContent[0].cpnNote4 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote4.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote5 != null && couponContent[0].cpnNote5 != '')
-				html += '                  <li>' + couponContent[0].cpnNote5 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote5.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote6 != null && couponContent[0].cpnNote6 != '')
-				html += '                  <li>' + couponContent[0].cpnNote6 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote6.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote7 != null && couponContent[0].cpnNote7 != '')
-				html += '                  <li>' + couponContent[0].cpnNote7 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote7.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote8 != null && couponContent[0].cpnNote8 != '')
-				html += '                  <li>' + couponContent[0].cpnNote8 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote8.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote9 != null && couponContent[0].cpnNote9 != '')
-				html += '                  <li>' + couponContent[0].cpnNote9 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote9.escapeHtml(); +'</li>\n';
 			html += '			</ul>\n';
 			html += '		</div>\n';
 			html += '	</div>\n';

src/main/webapp/WEB-INF/views/web/planning/PlanningDetailFormWeb.html

@@ -262,7 +262,7 @@ if(notice.length>0){
 	html += '            <div class="announce_list">\n';
 	html += '                <ul>\n';
 	$.each(notice, function(idx, item)  {
-		html += '				<li>' +item.itemVal+ '</li>\n';
+		html += '				<li>' +item.itemVal.escapeHtml();+ '</li>\n';
 	});
 	html += '                </ul>\n';
 	html += '            </div>\n';
@@ -777,23 +777,23 @@ if(template.length>0){
 			html += '               <ul>\n';
 			html += '                  <li>' + couponContent[0].cpnNote0 +'</li>\n';
 			if(couponContent[0].cpnNote1 != null && couponContent[0].cpnNote1 != '')
-				html += '                  <li>' + couponContent[0].cpnNote1 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote1.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote2 != null && couponContent[0].cpnNote2 != '')
-				html += '                  <li>' + couponContent[0].cpnNote2 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote2.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote3 != null && couponContent[0].cpnNote3 != '')
-				html += '                  <li>' + couponContent[0].cpnNote3 +'</li>\n';	
+				html += '                  <li>' + couponContent[0].cpnNote3.escapeHtml(); +'</li>\n';	
 			if(couponContent[0].cpnNote4 != null && couponContent[0].cpnNote4 != '')
-				html += '                  <li>' + couponContent[0].cpnNote4 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote4.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote5 != null && couponContent[0].cpnNote5 != '')
-				html += '                  <li>' + couponContent[0].cpnNote5 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote5.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote6 != null && couponContent[0].cpnNote6 != '')
-				html += '                  <li>' + couponContent[0].cpnNote6 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote6.escapeHtml();+'</li>\n';
 			if(couponContent[0].cpnNote7 != null && couponContent[0].cpnNote7 != '')
-				html += '                  <li>' + couponContent[0].cpnNote7 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote7.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote8 != null && couponContent[0].cpnNote8 != '')
-				html += '                  <li>' + couponContent[0].cpnNote8 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote8.escapeHtml(); +'</li>\n';
 			if(couponContent[0].cpnNote9 != null && couponContent[0].cpnNote9 != '')
-				html += '                  <li>' + couponContent[0].cpnNote9 +'</li>\n';
+				html += '                  <li>' + couponContent[0].cpnNote9.escapeHtml(); +'</li>\n';
 			html += '               </ul>\n';
 			html += '            </div>                                                                '; 
 			html += '        </div>                                                                    ';