#1014 closed defect (fixed)
InlineEditBox does not encode html entities
| Reported by: | guest | Owned by: | anonymous |
|---|---|---|---|
| Priority: | high | Milestone: | |
| Component: | Widgets | Version: | 0.3 |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: |
Description
Currently the InlineEditBox? does not encode html entities of the user's input.
As a reasult, typing "some text <p> some text" will actually insert a <p> to the document.
worse: typing "some text <some text" will result in a dom problem (?)
Patch (can not attach?)
--- InlineEditBox?.js 2006-06-12 10:29:37.000000000 +0200 +++ InlineEditBox?.js.1 2006-06-21 18:19:09.000000000 +0200 @@ -123,7 +123,9 @@
this.history.push(this.textValue); this.onSave(ee.value, this.textValue); this.textValue = ee.value;
- this.editable.innerHTML = this.textValue;
+ this.editable.innerHTML = ""; + var textNode = document.createTextNode( this.textValue ); + this.editable.appendChild( textNode );
}else{
this.doFade = false;
}
Attachments (1)
Change History (3)
Changed 14 years ago by
| Attachment: | InlineEditBox.js.patch added |
|---|
comment:1 Changed 14 years ago by
| Milestone: | → 0.4 |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Fixed in [4475]