1
0
mirror of synced 2024-11-23 05:26:10 +03:00

Merge pull request #703 from jelte12345/master

Fixed my own XSS pull request to actually work
This commit is contained in:
Igor Vaynberg 2013-01-14 09:52:40 -08:00
commit fcea1523fd

View File

@ -2450,16 +2450,15 @@ the specific language governing permissions and limitations under the Apache Lic
escapeMarkup: function (markup) {
var replace_map = {
'\\': '\',
'&': '&#amp;',
'<': '&#lt;',
'>': '&#rt;',
'"': '&#quot;',
"'": '&#39;',
"/": '&#x2F;'
'&': '&amp;',
'<': '&lt;',
'>': '&gt;',
'"': '&quot;',
"'": '&apos;',
"/": '&#47;'
};
//'--': '-&#45;'
return String(html).replace(/[&<>"'/\\]/g, function (match) {
return String(markup).replace(/[&<>"'/\\]/g, function (match) {
return replace_map[match[0]];
});