From 58d284419c6906791420312a3064e33fb0da2d79 Mon Sep 17 00:00:00 2001
From: Tom Needham <needham.thomas@gmail.com>
Date: Tue, 4 Oct 2011 15:27:29 +0100
Subject: [PATCH] HTML data is now encoded before being shown.

---
 apps/files_texteditor/js/editor.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/apps/files_texteditor/js/editor.js b/apps/files_texteditor/js/editor.js
index 743a896dcd..e6364a3ec6 100644
--- a/apps/files_texteditor/js/editor.js
+++ b/apps/files_texteditor/js/editor.js
@@ -78,7 +78,7 @@ function updateSessionFileHash(path){
 
 function doFileSave(){
 	if(editorIsShown()){
-	$('#editor_save').val(t('files_texteditor','Saving')+'...');
+	$('#editor_save').val(t('files_texteditor','Saving')+'...').css('background-color','#84E79F');
 		var filecontents = window.aceEditor.getSession().getValue();
 		var dir =  $('#editor').attr('data-dir');
 		var file =  $('#editor').attr('data-filename');
@@ -125,12 +125,11 @@ function showFileEditor(dir,filename){
 	var data = $.ajax({
 			url: OC.filePath('files','ajax','download.php')+'?files='+encodeURIComponent(filename)+'&dir='+encodeURIComponent(dir),
 			complete: function(data){
-				var data = data.responseText;
 				// Initialise the editor
 				updateSessionFileHash(dir+'/'+filename);
 				showControlBar(filename);
 				$('table').fadeOut('slow', function() {
-					$('#editor').html(data);
+					$('#editor').text(data.responseText);
 					// encodeURIComponenet?
 					$('#editor').attr('data-dir', dir);
 					$('#editor').attr('data-filename', filename);