raoul/openlp
1
0
Fork 0
forked from openlp/openlp
Code Issues Pull Requests Projects Releases Wiki Activity

Converts <> marks to &lt;&gt; to make it impossible to insert HTML to alerts.

Browse Source 
Fixes: https://launchpad.net/bugs/908197
This commit is contained in:
Mattias Põldaru 2011-12-23 21:14:49 +02:00
parent e59d5b014b
commit b48dda3c74
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openlp/core/ui/maindisplay.py
View File

@ -240,12 +240,14 @@ class MainDisplay(Display):
not self.isVisible(): not self.isVisible():
shrink = True shrink = True
js = u'show_alert("%s", "%s")' % ( js = u'show_alert("%s", "%s")' % (
text.replace(u'\\', u'\\\\').replace(u'\"', u'\\\"'), text.replace(u'\\', u'\\\\').replace(u'\"', u'\\\"')
.replace(u'<', u'&lt;').replace(u'>', u'&gt;'),
u'top') u'top')
else: else:
shrink = False shrink = False
js = u'show_alert("%s", "")' % ( js = u'show_alert("%s", "")' % (
text.replace(u'\\', u'\\\\').replace(u'\"', u'\\\"')) text.replace(u'\\', u'\\\\').replace(u'\"', u'\\\"')
.replace(u'<', u'&lt;').replace(u'>', u'&gt;'))
height = self.frame.evaluateJavaScript(js) height = self.frame.evaluateJavaScript(js)
if shrink: if shrink:
if text: if text: