mirror of
https://github.com/Mibew/mibew.git
synced 2024-11-15 08:34:11 +03:00
fix: escape user name in JS
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@458 c66351dc-e62f-0410-b875-e3a5c0b9693f
This commit is contained in:
parent
a0ed8dfa1a
commit
e15e7047b2
@ -1 +1 @@
|
||||
var myAgent="";var ik=0;var myRealAgent="";function jk(){var kk=["opera","msie","safari","firefox","netscape","mozilla"];var ej=navigator.userAgent.toLowerCase();for(var i=0;i<kk.length;i++){var lk=kk[i];if(ej.indexOf(lk)!=-1){myAgent=lk;if(!window.RegExp)break;var ok=new RegExp(lk+"[ \/]?([0-9]+(\.[0-9]+)?)");if(ok.exec(ej)!=null){ik=parseFloat(RegExp.$1);} break;} } myRealAgent=myAgent;if(navigator.product=="Gecko")myAgent="moz";} jk();function getEl(name){return document.getElementById(name);}
|
||||
var myAgent="";var kk=0;var myRealAgent="";function lk(){var ok=["opera","msie","safari","firefox","netscape","mozilla"];var gj=navigator.userAgent.toLowerCase();for(var i=0;i<ok.length;i++){var pk=ok[i];if(gj.indexOf(pk)!=-1){myAgent=pk;if(!window.RegExp)break;var dk=new RegExp(pk+"[ \/]?([0-9]+(\.[0-9]+)?)");if(dk.exec(gj)!=null){kk=parseFloat(RegExp.$1);} break;} } myRealAgent=myAgent;if(navigator.product=="Gecko")myAgent="moz";} lk();function getEl(name){return document.getElementById(name);}
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -347,7 +347,7 @@ var Chat = {
|
||||
Chat.threadUpdater.changeName($('uname').value);
|
||||
$('changename1').style.display='none';
|
||||
$('changename2').style.display='inline';
|
||||
$('unamelink').innerHTML=$('uname').value;
|
||||
$('unamelink').innerHTML = htmlescape($('uname').value);
|
||||
},
|
||||
|
||||
showNameField: function() {
|
||||
|
@ -543,3 +543,7 @@ function playSound(wav_file) {
|
||||
player.innerHTML = '<div style="position: static; width: 0px; height: 0px"><embed type="'+getWavMimeType()+'" src="'+wav_file+'" hidden="true" loop="false" autostart="true"></div>';
|
||||
}
|
||||
}
|
||||
|
||||
function htmlescape(str) {
|
||||
return str.replace('&','&').replace('<','<').replace('>','>').replace('"','"');
|
||||
}
|
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue
Block a user