mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-22 16:36:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 33

The value of all href attributes is escaped.

Browse source
This commit is contained in:
Chad Weider 2012-01-14 14:50:23 -08:00
parent 6e36b59a59
commit 387dd4a48b
4 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
static/js/domline.js
View file

@ -162,7 +162,7 @@ domline.createDomLine = function(nonEmpty, doesWrap, optBrowser, optDocument)
{
href = "http://"+href;
}
extraOpenTags = extraOpenTags + '<a href="' + href.replace(/\"/g, '&quot;') + '">';
extraOpenTags = extraOpenTags + '<a href="' + domline.escapeHTML(href) + '">';
extraCloseTags = '</a>' + extraCloseTags;
}
if (simpleTags)