SONAR-4580 If project name contains a quote, it will not be added in the recent proje...

diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_projects.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_projects.html.erb
index 3a4879105011cabd391a5888ea1605ef46932f8e..3db19d7fd4b2c65b38194cc5c342436faead9c18 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_projects.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/layouts/_menu_projects.html.erb
@@ -34,8 +34,8 @@
      if @resource && Project.root_qualifiers.include?(@resource.qualifier)
   %>
   else {
-    sonarRecentHistory.add('<%= h @resource.key -%>',
-                           '<%= h @resource.name -%>',
+    sonarRecentHistory.add('<%= escape_javascript(h(@resource.key)) -%>',
+                           '<%= escape_javascript(h(@resource.name)) -%>',
                            '<%= Api::Utils.java_facade.getResourceType(@resource.qualifier).getIconPath() -%>');
   }
   <% end %>