From 0f7f53adc29abe8af273ec0235a7db441c23f6eb Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Tue, 29 May 2012 07:46:23 -0700
Subject: [PATCH] Bug 754561 - Escape HTML in keywords in the auto-complete
 form [r=LpSolit a=LpSolit]

---
 js/field.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/js/field.js b/js/field.js
index ce3eb0ba49..3a0111c15e 100644
--- a/js/field.js
+++ b/js/field.js
@@ -733,6 +733,9 @@ YAHOO.bugzilla.userAutocomplete = {
 
 YAHOO.bugzilla.keywordAutocomplete = {
     dataSource : null,
+    formatEscapedResult : function(oResultData, sQuery, sResultMatch) {
+        return ((sResultMatch) ? _escapeHTML(sResultMatch) : "");
+    },
     init_ds : function(){
         this.dataSource = new YAHOO.util.LocalDataSource( YAHOO.bugzilla.keyword_array );
     },
@@ -742,6 +745,7 @@ YAHOO.bugzilla.keywordAutocomplete = {
         }
         var keywordAutoComp = new YAHOO.widget.AutoComplete(field, container, this.dataSource);
         keywordAutoComp.maxResultsDisplayed = YAHOO.bugzilla.keyword_array.length;
+        keywordAutoComp.formatResult = this.formatEscapedResult;
         keywordAutoComp.minQueryLength = 0;
         keywordAutoComp.useIFrame = true;
         keywordAutoComp.delimChar = [","," "];
-- 
2.47.2