deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Use Instiki's escapeHTML Method in Templates

Browse source 
Fixes bug reported by Toby Bartels.
This commit is contained in:
Jacques Distler 2010-03-29 09:27:14 -05:00
parent 5f66f8387e
commit 18b5ea9aa6
3 changed files with 86 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/views/wiki/edit.rhtml
View file

@ -71,7 +71,7 @@ function cleanAuthorName() {
document.forms["editForm"].elements["content"].focus();
<%- if [:markdownMML, :markdownPNG, :markdown].include?(@web.markup) and !@page.categories.include?('S5-slideshow') -%>
setupSVGedit('<%= compute_public_path("editor/svg-editor.html", "svg-edit").split(/\?/)[0] %>');
addS5button('<%= CGI.escapeHTML(@page.name) %>');
addS5button('<%= @page.name.escapeHTML %>');
<%- end -%>
//--><!]]>
</script>

2
app/views/wiki/new.rhtml
View file

@ -33,6 +33,6 @@ function cleanAuthorName() {
document.forms["editForm"].elements["content"].focus();
<%- if [:markdownMML, :markdownPNG, :markdown].include?(@web.markup) -%>
setupSVGedit('<%= compute_public_path("editor/svg-editor.html", "svg-edit").split(/\?/)[0] %>');
addS5button('<%= CGI.escapeHTML(@page_name) %>');
addS5button('<%= @page_name.escapeHTML %>');
<%- end -%>
</script>

84
public/svg-edit/editor/jquery-ui/jquery-ui-1.8.custom.min.js vendored Executable file
View file

File diff suppressed because one or more lines are too long