Bug 1163393: XSS in the new jQuery autocomplete code
authorByron Jones <glob@mozilla.com>
Tue, 12 May 2015 03:20:37 +0000 (11:20 +0800)
committerByron Jones <glob@mozilla.com>
Tue, 12 May 2015 03:20:37 +0000 (11:20 +0800)
r=dkl,a=glob

js/field.js

index f55852671b216f4e0cdcbbdb6cff82eaae221833..5a48db471c019363a2a52891e9f87ad62da76beb 100644 (file)
@@ -844,8 +844,12 @@ $(function() {
             };
         },
         formatResult: function(suggestion, currentValue) {
-            return suggestion.data.name === '' ?
-                suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')';
+            return (suggestion.data.name === '' ?
+                suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')')
+                .replace(/&/g, '&amp;')
+                .replace(/</g, '&lt;')
+                .replace(/>/g, '&gt;')
+                .replace(/"/g, '&quot;');
         },
         onSearchStart: function(params) {
             var that = $(this);
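Review bot: The escape chain added to formatResult's return value handles `&`, `<`, `>` and `"` but not the single quote, so a `suggestion.data.name` or `suggestion.data.login` containing `'` still reaches the markup unchanged. That is adequate as long as the autocomplete library places the formatted string in element text or double-quoted attributes, which I cannot confirm from this hunk; appending `.replace(/'/g, '&#39;')` after the `&quot;` replacement closes the gap at no cost and keeps the helper safe if a template ever uses single-quoted attributes. The chain would also read better as a small named escapeHtml helper with a comment stating that `&` must be replaced first, so the same sanitization can be reused by other formatters rather than re-typed inline. The enclosing object literal and the `$(function() {` wrapper start before this hunk.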