Changeset 26562 for main/trunk

Timestamp:

2012-12-06T16:12:19+13:00 (11 years ago)

Author:

sjm84

Message:

Make sure angle brackets in attributes are properly escaped

File:

• main/trunk/greenstone3/web/interfaces/default/js/debug_scripts.js (modified) (2 diffs)

main/trunk/greenstone3/web/interfaces/default/js/debug_scripts.js

@@ -143 +143 @@
             if(editor.length)
             {
-                var xmlString = editor.val();
+                var xmlString = editor.val().replace(/&/g, "&");
                 try
                 {
@@ -156 +156 @@
                 var url = gs.xsltParams.library_name;
                 var parameters = {"a":"g", "rt":"r", "s":"SaveXMLTemplateToFile", "s1.filePath":_currentFilepath, "s1.namespace":_currentNamespace, "s1.nodename":_currentNodename, "s1.xml":xmlString};
-                
+
                 if(_currentName && _currentName.length > 0){parameters["s1.name"] = _currentName;}
                 if(_currentMatch && _currentMatch.length > 0){parameters["s1.match"] = _currentMatch;}
-                
+
                 _saveButton.val("Saving...");
                 _saveButton.attr("disabled", "disabled");
-                
+
                 $.post(url, parameters)
                 .success(function()