summaryrefslogtreecommitdiffstats
path: root/settings
diff options
context:
space:
mode:
authorBjoern Schiessle <schiessle@owncloud.com>2012-06-18 09:42:31 +0200
committerBjoern Schiessle <schiessle@owncloud.com>2012-06-18 09:42:31 +0200
commit91f69858e49c3981d31eeee428c7bf3cd5e142fe (patch)
treed914789e5962407a7868ff29b46110604f8e6181 /settings
parente5feb4e1aab49fe658f65e9503b268eb3f41882d (diff)
downloadnextcloud-server-91f69858e49c3981d31eeee428c7bf3cd5e142fe.tar.gz
nextcloud-server-91f69858e49c3981d31eeee428c7bf3cd5e142fe.zip
escape log messages to avoid possible js execution
Diffstat (limited to 'settings')
-rw-r--r--settings/js/log.js2
1 files changed, 1 insertions, 1 deletions
diff --git a/settings/js/log.js b/settings/js/log.js
index 6063c7d9a9f..bde8b8b104c 100644
--- a/settings/js/log.js
+++ b/settings/js/log.js
@@ -39,7 +39,7 @@ OC.Log={
row.append(appTd);
var messageTd=$('<td/>');
- messageTd.text(entry.message);
+ messageTd.text(entry.message.replace(/</, "&lt;").replace(/>/, "&gt;"));
row.append(messageTd);
var timeTd=$('<td/>');
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 10:17:10 +0000