mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

escape log messages to avoid possible js execution

This commit is contained in:
Bjoern Schiessle 2012-06-18 09:42:31 +02:00
parent d8048414aa
commit 9d0cfacd67
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
settings/js/log.js
View File

@ -39,7 +39,7 @@ OC.Log={
row.append(appTd);
var messageTd=$('<td/>');
messageTd.text(entry.message);
messageTd.text(entry.message.replace(/</, "&lt;").replace(/>/, "&gt;"));
row.append(messageTd);
var timeTd=$('<td/>');