summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMantas Mikulėnas <grawity@gmail.com>2012-10-10 23:00:25 +0200
committerLennart Poettering <lennart@poettering.net>2012-10-10 23:00:59 +0200
commit522795e07742b4e804896147a21e026bb34602ba (patch)
tree319fe7b59cdf2f7cd0b992a5177f85be16b3ee59 /src
parentc6511e859c35b12de4e6fb5f58d7258d9de3b8f2 (diff)
journal: properly escape HTML entities in browse.html
Diffstat (limited to 'src')
-rw-r--r--src/journal/browse.html6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/journal/browse.html b/src/journal/browse.html
index 068b296da1..362611b1c2 100644
--- a/src/journal/browse.html
+++ b/src/journal/browse.html
@@ -177,6 +177,10 @@
return u.toString() + " B";
}
+ function escapeHTML(s) {
+ return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+ }
+
function machineOnResult(event) {
if ((event.currentTarget.readyState != 4) ||
(event.currentTarget.status != 200 && event.currentTarget.status != 0))
@@ -310,7 +314,7 @@
else if (d.MESSAGE instanceof Array)
buf += "[" + formatBytes(d.MESSAGE.length) + " blob data]";
else
- buf += d.MESSAGE;
+ buf += escapeHTML(d.MESSAGE);
buf += '</a></td></tr>';
}