Added proper escaping to OptionGroup item icon URLs (#13310)

Change-Id: Id0dea437e04e829567b31df3e9c496cd5adc09b8

diff --git a/client/src/com/vaadin/client/ui/VOptionGroup.java b/client/src/com/vaadin/client/ui/VOptionGroup.java
index fee1c313f5ccc106598dcf82ffada96cb7a49047..fe4ef214cb24751fd662b6d3e2dbb7eaaf49c0b5 100644 (file)
--- a/client/src/com/vaadin/client/ui/VOptionGroup.java
+++ b/client/src/com/vaadin/client/ui/VOptionGroup.java
@@ -142,8 +142,9 @@ public class VOptionGroup extends VOptionGroupBase implements FocusHandler,
             String icon = opUidl.getStringAttribute("icon");
             if (icon != null && icon.length() != 0) {
                 String iconUrl = client.translateVaadinUri(icon);
-                itemHtml = "<img src=\"" + iconUrl + "\" class=\""
-                        + Icon.CLASSNAME + "\" alt=\"\" />" + itemHtml;
+                itemHtml = "<img src=\"" + Util.escapeAttribute(iconUrl)
+                        + "\" class=\"" + Icon.CLASSNAME + "\" alt=\"\" />"
+                        + itemHtml;
             }
 
             String key = opUidl.getStringAttribute("key");