Maria: Fixed HTML escaping

154f4f70 · Pascal Hartig · 00435de1 · 154f4f70
Commit 154f4f70 authored Feb 14, 2013 by Pascal Hartig
Show whitespace changes
Inline Side-by-side

Showing with 5 additions and 1 deletion

labs/architecture-examples/maria/src/js/util.js labs/architecture-examples/maria/src/js/util.js +5 -1

No files found.
--- a/labs/architecture-examples/maria/src/js/util.js
+++ b/labs/architecture-examples/maria/src/js/util.js
@@ -6,7 +6,11 @@ checkit.isBlank = function(str) {
 };
 checkit.escapeHTML = function(str) {
-	return str.replace('&', '&amp;').replace('<', '&lt;');
+	return String(str)
+		.replace(/&(?!\w+;)/g, '&amp;')
+		.replace(/</g, '&lt;')
+		.replace(/>/g, '&gt;')
+		.replace(/"/g, '&quot;');
 };
 checkit.isEnterKeyCode = function(keyCode) {