0x2620/pandora
2
1
Fork 1
Code Issues 1.2k Pull requests Releases Wiki Activity

properly escape user names and list names

Browse source
This commit is contained in:
rolux 2012-02-22 10:14:07 +00:00
commit 13eec9346b
12 changed files with 68 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

5
static/js/pandora/account.js
View file

@ -379,7 +379,10 @@ pandora.ui.accountWelcomeDialog = function() {
.append(
Ox.Element()
.css({position: 'absolute', left: '96px', top: '16px', width: '192px'})
.html('Welcome, ' + pandora.user.username + '!<br/><br/>Your account has been created.')
.html(
'Welcome, ' + Ox.encodeHTMLEntities(pandora.user.username)
+ '!<br/><br/>Your account has been created.'
)
),
fixedSize: true,
height: 128,