fix another xss vuln

This commit is contained in:
rlx 2016-01-10 15:17:41 +05:30
parent e24ed24ee5
commit 38779d2576

View file

@ -122,7 +122,10 @@ oml.ui.importExportDialog = function(selected) {
lists.length ? [{}] : []
).concat(
lists.map(function(list) {
return {id: list.name, title: list.name};
return {
id: Ox.encodeHTMLEntities(list.name),
title: Ox.encodeHTMLEntities(list.name)
};
})
).concat(selected == 'import' ? [
{},