mirrors/jellyfin-web
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin-web synced 2025-03-30 19:56:21 +00:00
Code Activity

Escape HTML

Browse source
This commit is contained in:
Dmitry Lyzo 2022-01-30 00:27:26 +03:00
parent 08cbc5aa8f
commit 59adbc348a
60 changed files with 245 additions and 192 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/components/homeScreenSettings/homeScreenSettings.js
View file

@ -1,4 +1,5 @@
import escapeHtml from 'escape-html';
import layoutManager from '../layoutManager';
import focusManager from '../focusManager';
import globalize from '../../scripts/globalize';
@ -32,7 +33,7 @@ import template from './homeScreenSettings.template.html';
currentHtml += '<label>';
currentHtml += `<input type="checkbox" is="emby-checkbox" class="chkGroupFolder" data-folderid="${i.Id}" id="${id}"${checkedHtml}/>`;
currentHtml += `<span>${i.Name}</span>`;
currentHtml += `<span>${escapeHtml(i.Name)}</span>`;
currentHtml += '</label>';
return currentHtml;
@ -165,7 +166,7 @@ import template from './homeScreenSettings.template.html';
const selectedHtml = selected ? ' selected' : '';
const optionValue = o.isDefault ? '' : o.value;
return `<option value="${optionValue}"${selectedHtml}>${o.name}</option>`;
return `<option value="${optionValue}"${selectedHtml}>${escapeHtml(o.name)}</option>`;
}).join('');
}
@ -182,7 +183,7 @@ import template from './homeScreenSettings.template.html';
currentHtml += '<div class="listItemBody">';
currentHtml += '<div>';
currentHtml += view.Name;
currentHtml += escapeHtml(view.Name);
currentHtml += '</div>';
currentHtml += '</div>';
@ -265,7 +266,7 @@ import template from './homeScreenSettings.template.html';
prefix += '<div class="verticalSection">';
prefix += '<h2 class="sectionTitle">';
prefix += item.Name;
prefix += escapeHtml(item.Name);
prefix += '</h2>';
html = prefix + html;