mirror_css/bootstrap
1
0
Fork 0
mirror of https://github.com/twbs/bootstrap.git synced 2025-09-26 05:19:15 +02:00
Code Issues Releases Wiki Activity

detect if title in tooltip is text or html. if text - use text method to prevent xss.

Browse Source 
all add a few notes to js readme about updated event
This commit is contained in:
Jacob Thornton
2012-04-04 14:58:04 -07:00
parent 2dc979a202
commit 4bd611884a
3 changed files with 45 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
js/bootstrap-tooltip.js vendored
View File

@@ -155,9 +155,21 @@
}
}
, isHTML: function( text ) {
// html string detection logic adapted from jQuery
return typeof text != 'string'
|| ( text.charAt(0) === "<"
&& text.charAt( text.length - 1 ) === ">"
&& text.length >= 3
) || /^(?:[^<]*<[\w\W]+>[^>]*$)/.exec(text)
}
, setContent: function () {
var $tip = this.tip()
$tip.find('.tooltip-inner').html(this.getTitle())
, title = this.getTitle()
, isHTML = this.isHTML(title)
$tip.find('.tooltip-inner')[isHTML ? 'html' : 'text'](title)
$tip.removeClass('fade in top bottom left right')
}