diff --git a/static/js/browser.js b/static/js/browser.js index 7c4a07a..1df55e3 100644 --- a/static/js/browser.js +++ b/static/js/browser.js @@ -39,15 +39,15 @@ oml.ui.browser = function() { }).join(', ') + ')', WebkitTransform: 'rotate(45deg)' }) - .html( + .text( ui.iconInfo == 'extension' ? data.extension.toUpperCase() : Ox.formatValue(data.size, 'B') ) : null, height: height, id: data.id, - info: info, - title: data.title, + info: Ox.encodeHTMLEntities(info), + title: Ox.encodeHTMLEntities(data.title), url: '/' + data.id + '/' + ui.icons + '128.jpg?' + data.modified, width: width }; diff --git a/static/js/folderList.js b/static/js/folderList.js index e166c4d..e4d77cc 100644 --- a/static/js/folderList.js +++ b/static/js/folderList.js @@ -28,6 +28,7 @@ oml.ui.folderList = function(options) { width: 16 }, { + format: Ox.encodeHTMLEntities, id: 'name', visible: true, width: ui.sidebarSize - 16 - 48, diff --git a/static/js/folders.js b/static/js/folders.js index 4e3bc82..bec05c1 100644 --- a/static/js/folders.js +++ b/static/js/folders.js @@ -136,7 +136,7 @@ oml.ui.folders = function() { 'part.preferences': 'account' }); } else { - oml.UI.set({page: 'users'}) + oml.UI.set({page: 'users'}); } } }) diff --git a/static/js/gridView.js b/static/js/gridView.js index f35783b..4e88c7a 100644 --- a/static/js/gridView.js +++ b/static/js/gridView.js @@ -39,15 +39,15 @@ oml.ui.gridView = function() { MozTransform: 'rotate(45deg)', WebkitTransform: 'rotate(45deg)' }) - .html( + .text( ui.iconInfo == 'extension' ? data.extension.toUpperCase() : Ox.formatValue(data.size, 'B') ) : null, height: height, id: data.id, - info: info, - title: data.title, + info: Ox.encodeHTMLEntities(info), + title: Ox.encodeHTMLEntities(data.title), url: '/' + data.id + '/' + ui.icons + '128.jpg?' + data.modified, width: width }; diff --git a/static/js/info.js b/static/js/info.js index 6873347..0d64462 100644 --- a/static/js/info.js +++ b/static/js/info.js @@ -43,19 +43,17 @@ oml.ui.info = function() { .css({ fontWeight: 'bold' }) - .html(data.title || '') + .text(data.title || '') .appendTo(that); $('
') .css({ fontWeight: 'bold' }) - .html((data.author || []).join(', ')) + .text((data.author || []).join(', ')) .appendTo(that); $('
') .css({marginTop: '8px'}) - .html( - Ox.encodeHTMLEntities(result.data.description || '') - ) + .text(result.data.description || '') .appendTo(that); $('
') .css({height: '16px'}) diff --git a/static/js/listView.js b/static/js/listView.js index ea32e8c..08915f8 100644 --- a/static/js/listView.js +++ b/static/js/listView.js @@ -13,7 +13,9 @@ oml.ui.listView = function() { Ox.isArray(key.type) ? key.type[0]: key.type ) > -1 ? 'left' : key.type == 'list' ? 'center' : 'right', defaultWidth: key.columnWidth, - format: key.format, + format: function(value) { + return Ox.encodeHTMLEntities(key.format(value)); + }, id: key.id, operator: key.operator, position: position,