Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Added html escaping.

Browse source
This commit is contained in:
Martin Edenhofer 2015-01-20 01:33:49 +01:00
parent 0879e4e296
commit aebb5ad4b4
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/assets/javascripts/app/lib/base/jquery.textmodule.js
View file

@ -351,9 +351,9 @@
console.log('result', term, result) console.log('result', term, result)
for (var i = 0; i < result.length; i++) { for (var i = 0; i < result.length; i++) {
var item = result[i] var item = result[i]
var template = "<li><a href=\"#\" class=\"u-textTruncate\" data-id=" + item.id + ">" + item.name var template = "<li><a href=\"#\" class=\"u-textTruncate\" data-id=" + item.id + ">" + App.Utils.htmlEscape(item.name)
if (item.keywords) { if (item.keywords) {
template = template + " (" + item.keywords + ")" template = template + " (" + App.Utils.htmlEscape(item.keywords) + ")"
} }
template = template + "</a></li>" template = template + "</a></li>"
this.$widget.find('ul').append(template) this.$widget.find('ul').append(template)