From d36023763a5dd2c6cd48fc1cbd6d9a4087301331 Mon Sep 17 00:00:00 2001
From: Stas Vilchik
Date: Mon, 16 Dec 2013 14:34:06 +0600
Subject: [PATCH] SQ 4.1 bugfixes Fix XSS on favorite filters (issues page edition) (cherry picked from commit f12a558)
---
 .../WEB-INF/app/views/issues/_filter_favourites2.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/issues/_filter_favourites2.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/issues/_filter_favourites2.html.erb
index 845bde92752..4c6dfd34e27 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/issues/_filter_favourites2.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/issues/_filter_favourites2.html.erb
@@ -1,7 +1,7 @@
 <% if logged_in? %>
 {
 <% @favourite_filters.each do |filter| %>
- '<%= filter.id -%>': '<%= h filter.name -%>',
+ "<%= h filter.id -%>": "<%= escape_javascript filter.name %>",
 <% end %>
 }
 <% else %>
-- 
2.39.5
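Review bot: On the added line, `escape_javascript filter.name` covers only the JavaScript string context, and the `h` that used to HTML-encode the name is gone. The value is therefore safe only if the client code reading this object inserts it as text rather than as markup; that consumer is not visible in this patch and should be checked, or the contract stated in a template comment such as `<%# values are JS-escaped only; HTML-encode on the client before inserting into the DOM %>`. `escape_javascript` also writes apostrophes as `\'`, which is not a valid JSON escape, and the comma after the last entry is not valid JSON either, so a strict parser would reject this output. Serialising the value with one encoder, e.g. `"<%= h filter.id -%>": <%= filter.name.to_json %>,`, would avoid the hand-built quoting. Whether `to_json` also escapes `<`, `>` and `&` depends on the framework version, so confirm that before relying on it. The `if logged_in?` / `else` block starts and ends outside the hunk.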