From 1f2cfb942f8ac5549b1fe3172501e3486415530e Mon Sep 17 00:00:00 2001
From: Scott González <scott.gonzalez@gmail.com>
Date: Mon, 19 Jul 2010 15:45:30 -0400
Subject: Autocomplete: Render items as text, not HTML. Fixes #5275 -
 suggestions are not html-encoded.

As noted in the ticket, it's probably better to default to unstyled items to prevent problems. Users can still implement their own rendering method as shown in the custom data and display demo.
---
 ui/jquery.ui.autocomplete.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ui')

diff --git a/ui/jquery.ui.autocomplete.js b/ui/jquery.ui.autocomplete.js
index c25a8884f..27bfe941c 100644
--- a/ui/jquery.ui.autocomplete.js
+++ b/ui/jquery.ui.autocomplete.js
@@ -304,7 +304,7 @@ $.widget( "ui.autocomplete", {
 	_renderItem: function( ul, item) {
 		return $( "<li></li>" )
 			.data( "item.autocomplete", item )
-			.append( "<a>" + item.label + "</a>" )
+			.append( $( "<a></a>" ).text( item.label ) )
 			.appendTo( ul );
 	},
 
-- 
cgit v1.2.3