RetailCRM-Mirror/select2
1
0
Fork 0
mirror of synced 2024-11-23 05:26:10 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #703 from jelte12345/master

Browse Source 
Fixed my own XSS pull request to actually work
This commit is contained in:
Igor Vaynberg 2013-01-14 09:52:40 -08:00
commit fcea1523fd
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
select2.js
View File

@ -2450,16 +2450,15 @@ the specific language governing permissions and limitations under the Apache Lic
escapeMarkup: function (markup) { escapeMarkup: function (markup) {
var replace_map = { var replace_map = {
'\\': '\', '\\': '\',
'&': '&#amp;', '&': '&',
'<': '&#lt;', '<': '&lt;',
'>': '&#rt;', '>': '&gt;',
'"': '&#quot;', '"': '&quot;',
"'": '&#39;', "'": '&apos;',
"/": '&#x2F;' "/": '&#47;'
}; };
//'--': '-&#45;'
return String(html).replace(/[&<>"'/\\]/g, function (match) { return String(markup).replace(/[&<>"'/\\]/g, function (match) {
return replace_map[match[0]]; return replace_map[match[0]];
}); });