diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2014-06-14 20:56:54 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2014-06-14 20:56:54 +0200 |
| commit | 35740cf9412c92b649db97a0cf7549f740dcbd27 (patch) | |
| tree | 28d2fc242b511eb2f25fd8a52d9e732e810511a3 /core/js | |
| parent | 1066f4ec9a47a214e19f16d3fd11947c3c29643c (diff) | |
| download | nextcloud-server-35740cf9412c92b649db97a0cf7549f740dcbd27.tar.gz nextcloud-server-35740cf9412c92b649db97a0cf7549f740dcbd27.zip | |
Do even more sanitization
Diffstat (limited to 'core/js')
| -rw-r--r-- | core/js/share.js | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/core/js/share.js b/core/js/share.js index dc808c295b9..e164602d0ab 100644 --- a/core/js/share.js +++ b/core/js/share.js @@ -199,10 +199,10 @@ OC.Share={ message = t('core', 'Shared'); // even if reshared, only show "Shared by" if (owner) { - message = t('files_sharing', 'Shared by {owner}', {owner: owner}); + message = t('files_sharing', 'Shared by {owner}', {owner: escapeHTML(owner)}); } else if (recipients) { - message = t('core', 'Shared with {recipients}', {recipients: recipients}); + message = t('core', 'Shared with {recipients}', {recipients: escapeHTML(recipients)}); } action.html(' <span>'+ message + '</span>').prepend(img); } @@ -337,9 +337,9 @@ OC.Share={ var defaultExpireMessage = ''; if ((itemType === 'folder' || itemType === 'file') && oc_appconfig.core.defaultExpireDateEnabled) { if (oc_appconfig.core.defaultExpireDateEnforced) { - defaultExpireMessage = t('core', 'The public link will expire no later than {days} days after it is created', {'days': oc_appconfig.core.defaultExpireDate}) + '<br/>'; + defaultExpireMessage = t('core', 'The public link will expire no later than {days} days after it is created', {'days': escapeHTML(oc_appconfig.core.defaultExpireDate)}) + '<br/>'; } else { - defaultExpireMessage = t('core', 'By default the public link will expire after {days} days', {'days': oc_appconfig.core.defaultExpireDate}) + '<br/>'; + defaultExpireMessage = t('core', 'By default the public link will expire after {days} days', {'days': escapeHTML(oc_appconfig.core.defaultExpireDate)}) + '<br/>'; } } @@ -537,7 +537,7 @@ OC.Share={ if (collectionList.length > 0) { $(collectionList).append(', '+shareWithDisplayName); } else { - var html = '<li style="clear: both;" data-collection="'+item+'">'+t('core', 'Shared in {item} with {user}', {'item': item, user: shareWithDisplayName})+'</li>'; + var html = '<li style="clear: both;" data-collection="'+item+'">'+t('core', 'Shared in {item} with {user}', {'item': escapeHTML(item), user: escapeHTML(shareWithDisplayName)})+'</li>'; $('#shareWithList').prepend(html); } } else { |