]> source.dussan.org Git - nextcloud-server.git/commitdiff
projects / nextcloud-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f8ec280)
use new sanitizeHTML() function
authorBjoern Schiessle <schiessle@owncloud.com>
Thu, 21 Jun 2012 08:28:43 +0000 (10:28 +0200)
committerBjoern Schiessle <schiessle@owncloud.com>
Thu, 21 Jun 2012 08:28:43 +0000 (10:28 +0200)
apps/files/templates/part.breadcrumb.php patch | blob | history
apps/files_texteditor/js/editor.js patch | blob | history

diff --git a/apps/files/templates/part.breadcrumb.php b/apps/files/templates/part.breadcrumb.php
index 43fe2d1fa95cedd52368a9d231f2e4c1ca3c5ee4..22d9bb4490df64a51b6d3495dc248264eac25cf1 100644 (file)
--- a/apps/files/templates/part.breadcrumb.php
+++ b/apps/files/templates/part.breadcrumb.php
@@ -1,6 +1,6 @@
        <?php for($i=0; $i<count($_["breadcrumb"]); $i++):
         $crumb = $_["breadcrumb"][$i]; ?>
                <div class="crumb <?php if($i == count($_["breadcrumb"])-1) echo 'last';?> svg" data-dir='<?php echo $crumb["dir"];?>' style='background-image:url("<?php echo OCP\image_path('core','breadcrumb.png');?>")'>
-               <a href="<?php echo $_['baseURL'].$crumb["dir"]; ?>"><?php echo htmlentities($crumb["name"],ENT_COMPAT,'utf-8'); ?></a>
+               <a href="<?php echo $_['baseURL'].$crumb["dir"]; ?>"><?php echo OCP\Util::sanitizeHTML($crumb["name"]); ?></a>
                </div>
        <?php endfor;?>
diff --git a/apps/files_texteditor/js/editor.js b/apps/files_texteditor/js/editor.js
index 70bb74a91013cc3ad4f154b9faa0c3f3c3d0c033..9d168c1c4f6cf13d30da5dc08113b87f99bb2060 100644 (file)
--- a/apps/files_texteditor/js/editor.js
+++ b/apps/files_texteditor/js/editor.js
@@ -67,7 +67,7 @@ function setSyntaxMode(ext){
 function showControls(filename,writeperms){
        // Loads the control bar at the top.
        // Load the new toolbar.
-       var editorbarhtml = '<div id="editorcontrols" style="display: none;"><div class="crumb svg last" id="breadcrumb_file" style="background-image:url(&quot;'+OC.imagePath('core','breadcrumb.png')+'&quot;)"><p>'+filename.replace(/</, "&lt;").replace(/>/, "&gt;")+'</p></div>';
+       var editorbarhtml = '<div id="editorcontrols" style="display: none;"><div class="crumb svg last" id="breadcrumb_file" style="background-image:url(&quot;'+OC.imagePath('core','breadcrumb.png')+'&quot;)"><p>'+filename+'</p></div>';
        if(writeperms=="true"){
                editorbarhtml += '<button id="editor_save">'+t('files_texteditor','Save')+'</button><div class="separator"></div>';
        }
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server