Sanitize user input
This commit is contained in:
parent
d7f43945e7
commit
e45f36c2d4
|
@ -45,7 +45,7 @@ function createVersionsDropdown(filename, files) {
|
|||
|
||||
var historyUrl = OC.linkTo('files_versions', 'history.php') + '?path='+encodeURIComponent( $( '#dir' ).val() ).replace( /%2F/g, '/' )+'/'+encodeURIComponent( filename );
|
||||
|
||||
var html = '<div id="dropdown" class="drop drop-versions" data-file="'+files+'">';
|
||||
var html = '<div id="dropdown" class="drop drop-versions" data-file="'+escapeHTML(files)+'">';
|
||||
html += '<div id="private">';
|
||||
html += '<select data-placeholder="Saved versions" id="found_versions" class="chzen-select" style="width:16em;">';
|
||||
html += '<option value=""></option>';
|
||||
|
|
Loading…
Reference in New Issue