Commit 2e2f1dc4 authored by Marius Burkard's avatar Marius Burkard

- fixed XSS vulnerability in select2 usage

parent 1caeea6a
......@@ -103,13 +103,13 @@ var ISPConfig = {
width: 'element',
selectOnBlur: true,
allowClear: true,
formatResult: function(o) {
if(o.id && $(o.element).parent().hasClass('flags')) return '<span class="flags flag-' + o.id.toLowerCase() + '">' + o.text + '</span>';
else return o.text;
formatResult: function(o, cont, qry, escapeMarkup) {
if(o.id && $(o.element).parent().hasClass('flags')) return '<span class="flags flag-' + o.id.toLowerCase() + '">' + escapeMarkup(o.text) + '</span>';
else return escapeMarkup(o.text);
},
formatSelection: function(o) {
if(o.id && $(o.element).parent().hasClass('flags')) return '<span class="flags flag-' + o.id.toLowerCase() + '">' + o.text + '</span>';
else return o.text;
formatSelection: function(o, cont, escapeMarkup) {
if(o.id && $(o.element).parent().hasClass('flags')) return '<span class="flags flag-' + o.id.toLowerCase() + '">' + escapeMarkup(o.text) + '</span>';
else return escapeMarkup(o.text);
}
}).on('change', function(e) {
if ($("#pageForm .table #Filter").length > 0) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment