From 2f664ceccc9249207eb1e35c793af85c82600595 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= Date: Sun, 1 Jul 2012 13:59:14 +0200 Subject: [PATCH] Escaping HTML in userlist --- file/js/be.bastelstu.WCF.Chat.coffee | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/js/be.bastelstu.WCF.Chat.coffee b/file/js/be.bastelstu.WCF.Chat.coffee index d4dc64e..74c2061 100644 --- a/file/js/be.bastelstu.WCF.Chat.coffee +++ b/file/js/be.bastelstu.WCF.Chat.coffee @@ -366,7 +366,7 @@ window.console ?= li.addClass 'timsChatAway' li.attr 'title', user.awayStatus li.data 'username', user.username - a = $ ''+user.username+'' + a = $ '' + WCF.String.escapeHTML(user.username) + '' a.click $.proxy (event) -> event.preventDefault() @toggleUserMenu $ event.target