IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-29 04:03:57 -06:00
Code Issues Packages Projects Releases Wiki Activity

Combobox view: escape name string.

Browse Source
This commit is contained in:
Vikhyat Korrapati 2014-03-19 15:34:43 +05:30
parent 50ce93a850
commit 8163fcade7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/discourse/views/combobox_view.js
View File

@ -42,7 +42,7 @@ Discourse.ComboboxView = Discourse.View.extend({
if (val) { val = val.toString(); }
var selectedText = (val === selected) ? "selected" : "";
buffer.push("<option " + selectedText + " value=\"" + val + "\" " + self.buildData(o) + ">" + Em.get(o, nameProperty) + "</option>");
buffer.push("<option " + selectedText + " value=\"" + val + "\" " + self.buildData(o) + ">" + Handlebars.Utils.escapeExpression(Em.get(o, nameProperty)) + "</option>");
});
}
},