mirror/tomahawk
1
0
Fork 0
mirror of https://github.com/tomahawk-player/tomahawk.git synced 2025-08-05 05:37:29 +02:00
Code Issues Releases Wiki Activity

Use xss safe version

Browse Source
This commit is contained in:
Anton Romanov
2015-06-29 15:17:19 -07:00
parent 84d27aa615
commit d3c748c9ae
1 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
data/js/tomahawk.js
View File

@@ -109,11 +109,24 @@ Tomahawk.timestamp = function () {
return Math.round(new Date() / 1000);
};
Tomahawk.htmlDecode = function (encoded) {
var div = document.createElement('div');
div.innerHTML = encoded;
return div.innerText
};
Tomahawk.htmlDecode = (function() {
// this prevents any overhead from creating the object each time
var element = document.createElement('textarea');
function decodeHTMLEntities (str) {
if(str && typeof str === 'string') {
str = str.replace(/</g,"&lt;");
str = str.replace(/>/g,"&gt;");
element.innerHTML = str;
str = element.textContent;
element.textContent = '';
}
return str;
}
return decodeHTMLEntities;
})();
Tomahawk.dumpResult = function (result) {
var results = result.results,