1
0
mirror of synced 2024-11-26 23:06:02 +03:00

Merge pull request #703 from jelte12345/master

Fixed my own XSS pull request to actually work
This commit is contained in:
Igor Vaynberg 2013-01-14 09:52:40 -08:00
commit fcea1523fd

View File

@ -2450,16 +2450,15 @@ the specific language governing permissions and limitations under the Apache Lic
escapeMarkup: function (markup) { escapeMarkup: function (markup) {
var replace_map = { var replace_map = {
'\\': '\', '\\': '\',
'&': '&#amp;', '&': '&',
'<': '&#lt;', '<': '&lt;',
'>': '&#rt;', '>': '&gt;',
'"': '&#quot;', '"': '&quot;',
"'": '&#39;', "'": '&apos;',
"/": '&#x2F;' "/": '&#47;'
}; };
//'--': '-&#45;'
return String(html).replace(/[&<>"'/\\]/g, function (match) { return String(markup).replace(/[&<>"'/\\]/g, function (match) {
return replace_map[match[0]]; return replace_map[match[0]];
}); });