fix SSF-50

author: Stas Vilchik <vilchiks@gmail.com> 2016-09-15 16:33:15 +0200
committer: Stas Vilchik <vilchiks@gmail.com> 2016-09-15 16:33:15 +0200
commit: ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e (patch)
tree: 74154cbb378307f3ae0c0a0088c374151b8242b2
parent: d1c0148e374c5d6ccc7a2469eb468389a42ae9ef (diff)
download: sonarqube-ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e.tar.gz
sonarqube-ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/server/sonar-web/src/main/js/main/processes.js b/server/sonar-web/src/main/js/main/processes.js
index a8ff4f63c69..c8a8fb935ed 100644
--- a/server/sonar-web/src/main/js/main/processes.js
+++ b/server/sonar-web/src/main/js/main/processes.js
@@ -21,6 +21,7 @@ import $ from 'jquery';
 import _ from 'underscore';
 import Backbone from 'backbone';
 import Marionette from 'backbone.marionette';
+import escapeHtml from 'escape-html';
 import { translate } from '../helpers/l10n';
 
 const defaults = {
@@ -159,7 +160,7 @@ function handleAjaxError (jqXHR) {
     if (jqXHR.responseJSON != null && jqXHR.responseJSON.errors != null) {
       message = _.pluck(jqXHR.responseJSON.errors, 'msg').join('. ');
     }
-    failBackgroundProcess(jqXHR.processId, message);
+    failBackgroundProcess(jqXHR.processId, escapeHtml(message));
   }
 }
author	Stas Vilchik <vilchiks@gmail.com>	2016-09-15 16:33:15 +0200
committer	Stas Vilchik <vilchiks@gmail.com>	2016-09-15 16:33:15 +0200
commit	ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e (patch)
tree	74154cbb378307f3ae0c0a0088c374151b8242b2
parent	d1c0148e374c5d6ccc7a2469eb468389a42ae9ef (diff)
download	sonarqube-ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e.tar.gz sonarqube-ff3377f4bcb5b97c16d7bee5d2dd0cae9b95cf9e.zip