mirror of
https://github.com/wbbaddons/Tims-Chat.git
synced 2024-12-22 21:40:08 +00:00
Escaping HTML in userlist
This commit is contained in:
parent
a2c7691e46
commit
2f664ceccc
@ -366,7 +366,7 @@ window.console ?=
|
||||
li.addClass 'timsChatAway'
|
||||
li.attr 'title', user.awayStatus
|
||||
li.data 'username', user.username
|
||||
a = $ '<a href="javascript:;">'+user.username+'</a>'
|
||||
a = $ '<a href="javascript:;">' + WCF.String.escapeHTML(user.username) + '</a>'
|
||||
a.click $.proxy (event) ->
|
||||
event.preventDefault()
|
||||
@toggleUserMenu $ event.target
|
||||
|
Loading…
Reference in New Issue
Block a user