Javascript updates should be escaped
Reported by bahuvrihi | February 8th, 2009 @ 09:45 PM
This is particularly the case for tail, which could include log messages that have script tags. info should also be addressed
// bad!
$(target).update(transport.responseText);
Comments and changes to this ticket
-
-
bahuvrihi February 13th, 2009 @ 11:20 AM
Indeed this can cause a 'tail position out of range' error when an object.inspect is logged, since it looks like a tag and gets hidden.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
A framework for making configurable, file-based tasks and workflows.
bahuvrihi