[bookmarks-by-zaso] escape HTML in search results

2015-02-14 14:49:03 +01:00 · 2015-02-14 14:49:03 +01:00 · 9e72abb7cb
commit 9e72abb7cb
parent f9db2c3861
1 changed files with 4 additions and 4 deletions
--- a/plugins/bookmarks-by-zaso.user.js
+++ b/plugins/bookmarks-by-zaso.user.js
@ -487,8 +487,8 @@
        if(bookmark.label.toLowerCase().indexOf(term) === -1) return;

        query.addResult({
-          title: bookmark.label,
-          description: 'Map in folder "' + folder.label + '"',
+          title: escapeHtmlSpecialChars(bookmark.label),
+          description: 'Map in folder "' + escapeHtmlSpecialChars(folder.label) + '"',
          icon: '@@INCLUDEIMAGE:images/icon-bookmark-map.png@@',
          position: L.latLng(bookmark.latlng.split(",")),
          zoom: bookmark.z,
@ -502,8 +502,8 @@
        if(bookmark.label.toLowerCase().indexOf(term) === -1) return;

        query.addResult({
-          title: bookmark.label,
-          description: 'Bookmark in folder "' + folder.label + '"',
+          title: escapeHtmlSpecialChars(bookmark.label),
+          description: 'Bookmark in folder "' + escapeHtmlSpecialChars(folder.label) + '"',
          icon: '@@INCLUDEIMAGE:images/icon-bookmark.png@@',
          position: L.latLng(bookmark.latlng.split(",")),
          guid: bookmark.guid,