Fixed escaping of values returned by WCF.Search.Base

author Alexander Ebert <ebert@woltlab.com>

Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)

committer Alexander Ebert <ebert@woltlab.com>

Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)
author Alexander Ebert <ebert@woltlab.com>
Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)
committer Alexander Ebert <ebert@woltlab.com>
Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)
diff --git a/wcfsetup/install/files/acp/js/WCF.ACP.js b/wcfsetup/install/files/acp/js/WCF.ACP.js

index 65aa99e6a3bba425779d63f6cd88338ab84026e7..f5d726097b71f2bc698495a58186b3201267997a 100644 (file)
--- a/wcfsetup/install/files/acp/js/WCF.ACP.js
+++ b/wcfsetup/install/files/acp/js/WCF.ACP.js
@@ -1915,7 +1915,7 @@ WCF.ACP.Search = WCF.Search.Base.extend({
                 for (var $i in resultList.items) {
                         var $item = resultList.items[$i];
                         
-                       $('<li><a href="' + $item.link + '">' + $item.title + '</a></li>').appendTo(this._list);
+                       $('<li><a href="' + $item.link + '">' + WCF.String.escapeHTML($item.title) + '</a></li>').appendTo(this._list);
                         
                         this._itemCount++;
                 }
author	Alexander Ebert <ebert@woltlab.com>
	Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)
committer	Alexander Ebert <ebert@woltlab.com>
	Mon, 22 Jul 2013 12:38:28 +0000 (14:38 +0200)