journal: properly escape HTML entities in browse.html
This commit is contained in:
parent
c6511e859c
commit
522795e077
|
@ -177,6 +177,10 @@
|
|||
return u.toString() + " B";
|
||||
}
|
||||
|
||||
function escapeHTML(s) {
|
||||
return s.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">");
|
||||
}
|
||||
|
||||
function machineOnResult(event) {
|
||||
if ((event.currentTarget.readyState != 4) ||
|
||||
(event.currentTarget.status != 200 && event.currentTarget.status != 0))
|
||||
|
@ -310,7 +314,7 @@
|
|||
else if (d.MESSAGE instanceof Array)
|
||||
buf += "[" + formatBytes(d.MESSAGE.length) + " blob data]";
|
||||
else
|
||||
buf += d.MESSAGE;
|
||||
buf += escapeHTML(d.MESSAGE);
|
||||
|
||||
buf += '</a></td></tr>';
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue