nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

escape all passed params in js - fixes #2922

Browse source
This commit is contained in:
Florian Staudacher 2012-02-24 14:09:54 +01:00
parent d54ff5f341
commit 663a5a0e7c
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/views/status_messages/bookmarklet.html.haml
View file

@ -47,7 +47,7 @@
window.setTimeout(window.close, 2000, true);
});
var contents = "#{params[:title]} - #{params[:url]}";
var contents = "#{escape_javascript params[:title]} - #{escape_javascript params[:url]}";
var notes = "#{escape_javascript params[:notes]}";
if (notes.length > 0){
contents = contents + " - " + notes;