picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

journal: properly escape HTML entities in browse.html

This commit is contained in:
Mantas Mikulėnas 2012-10-10 23:00:25 +02:00 committed by Lennart Poettering
parent c6511e859c
commit 522795e077
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/journal/browse.html
View File

@ -177,6 +177,10 @@
return u.toString() + " B";
}
function escapeHTML(s) {
return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
}
function machineOnResult(event) {
if ((event.currentTarget.readyState != 4) ||
(event.currentTarget.status != 200 && event.currentTarget.status != 0))
@ -310,7 +314,7 @@
else if (d.MESSAGE instanceof Array)
buf += "[" + formatBytes(d.MESSAGE.length) + " blob data]";
else
buf += d.MESSAGE;
buf += escapeHTML(d.MESSAGE);
buf += '</a></td></tr>';
}