Browse Source

Merge pull request #914 from rixth/master

Escape github repo descriptions, as they may contain HTML.
unreleased_contents
Brandon Mathis 12 years ago
parent
commit
0a2fb6c4d8
  1. 5
      .themes/classic/source/javascripts/github.js

5
.themes/classic/source/javascripts/github.js

@ -1,9 +1,12 @@
var github = (function(){ var github = (function(){
function escapeHtml(str) {
return $('<div/>').text(str).html();
}
function render(target, repos){ function render(target, repos){
var i = 0, fragment = '', t = $(target)[0]; var i = 0, fragment = '', t = $(target)[0];
for(i = 0; i < repos.length; i++) { for(i = 0; i < repos.length; i++) {
fragment += '<li><a href="'+repos[i].html_url+'">'+repos[i].name+'</a><p>'+(repos[i].description||'')+'</p></li>'; fragment += '<li><a href="'+repos[i].html_url+'">'+repos[i].name+'</a><p>'+escapeHtml(repos[i].description||'')+'</p></li>';
} }
t.innerHTML = fragment; t.innerHTML = fragment;
} }

Loading…
Cancel
Save