Sanitize shareWith

This commit is contained in:
Lukas Reschke 2013-03-04 00:54:21 +01:00
parent ef01e0cdc5
commit 577945bd33

View file

@ -309,12 +309,12 @@ OC.Share={
if (permissions & OC.PERMISSION_SHARE) {
shareChecked = 'checked="checked"';
}
var html = '<li style="clear: both;" data-share-type="'+shareType+'" data-share-with="'+shareWith+'" title="' + shareWith + '">';
var html = '<li style="clear: both;" data-share-type="'+escapeHTML(shareType)+'" data-share-with="'+escapeHTML(shareWith)+'" title="' + escapeHTML(shareWith) + '">';
html += '<a href="#" class="unshare" style="display:none;"><img class="svg" alt="'+t('core', 'Unshare')+'" src="'+OC.imagePath('core', 'actions/delete')+'"/></a>';
if(shareWith.length > 14){
html += shareWithDisplayName.substr(0,11) + '...';
html += escapeHTML(shareWithDisplayName.substr(0,11) + '...');
}else{
html += shareWithDisplayName;
html += escapeHTML(shareWithDisplayName);
}
if (possiblePermissions & OC.PERMISSION_CREATE || possiblePermissions & OC.PERMISSION_UPDATE || possiblePermissions & OC.PERMISSION_DELETE) {
if (editChecked == '') {