From 9e72abb7cb6d58daddd64294822f8aaf0d176316 Mon Sep 17 00:00:00 2001
From: fkloft <felix.kloft+github@gmail.com>
Date: Sat, 14 Feb 2015 14:49:03 +0100
Subject: [PATCH] [bookmarks-by-zaso] escape HTML in search results

---
 plugins/bookmarks-by-zaso.user.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/plugins/bookmarks-by-zaso.user.js b/plugins/bookmarks-by-zaso.user.js
index 930a96fc..6ab48e41 100644
--- a/plugins/bookmarks-by-zaso.user.js
+++ b/plugins/bookmarks-by-zaso.user.js
@@ -487,8 +487,8 @@
         if(bookmark.label.toLowerCase().indexOf(term) === -1) return;
 
         query.addResult({
-          title: bookmark.label,
-          description: 'Map in folder "' + folder.label + '"',
+          title: escapeHtmlSpecialChars(bookmark.label),
+          description: 'Map in folder "' + escapeHtmlSpecialChars(folder.label) + '"',
           icon: '@@INCLUDEIMAGE:images/icon-bookmark-map.png@@',
           position: L.latLng(bookmark.latlng.split(",")),
           zoom: bookmark.z,
@@ -502,8 +502,8 @@
         if(bookmark.label.toLowerCase().indexOf(term) === -1) return;
 
         query.addResult({
-          title: bookmark.label,
-          description: 'Bookmark in folder "' + folder.label + '"',
+          title: escapeHtmlSpecialChars(bookmark.label),
+          description: 'Bookmark in folder "' + escapeHtmlSpecialChars(folder.label) + '"',
           icon: '@@INCLUDEIMAGE:images/icon-bookmark.png@@',
           position: L.latLng(bookmark.latlng.split(",")),
           guid: bookmark.guid,