mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

properly escape variable

This commit is contained in:
Jan-Christoph Borchardt 2014-12-18 17:19:23 +01:00
parent 96ae18db59
commit cd81687a38
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files/js/file-upload.js
View File

@ -579,7 +579,7 @@ OC.Upload = {
input.val(newName); input.val(newName);
input.attr('id', fileType); input.attr('id', fileType);
} }
var label = $('<label class="hidden-visually" for="">' + newName + '</label>'); var label = $('<label class="hidden-visually" for="">' + escapeHTML(newName) + '</label>');
label.attr('for', fileType); label.attr('for', fileType);
form.append(label).append(input); form.append(label).append(input);