paulmataruso/zulip-desktop
1
0
Fork 0
mirror of https://github.com/zulip/zulip-desktop.git synced 2025-11-03 13:33:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Escape all strings inserted into CSS selectors.

Browse Source 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg
2020-08-24 20:01:51 -07:00
parent a9d59b3dcd
commit 97f8fe71af
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/renderer/js/main.ts
View File

@@ -461,7 +461,7 @@ class ServerManagerView {
const $parent = $img.parentElement;
const $container = $parent.parentElement;
const webviewId = $container.dataset.tabId;
const $webview = document.querySelector(`webview[data-tab-id="${webviewId}"]`);
const $webview = document.querySelector(`webview[data-tab-id="${CSS.escape(webviewId)}"]`);
const realmName = $webview.getAttribute('name');
if (realmName === null) {
@@ -972,7 +972,7 @@ class ServerManagerView {
webviews.forEach(webview => {
const currentId = webview.getWebContentsId();
const tabId = webview.getAttribute('data-tab-id');
const concurrentTab: HTMLButtonElement = document.querySelector(`div[data-tab-id="${tabId}"]`);
const concurrentTab: HTMLButtonElement = document.querySelector(`div[data-tab-id="${CSS.escape(tabId)}"]`);
if (currentId === webviewId) {
concurrentTab.click();
}

6
app/renderer/js/pages/preference/nav.ts
View File

@@ -41,7 +41,7 @@ export default class PreferenceNav extends BaseComponent {
registerListeners(): void {
for (const navItem of this.navItems) {
const $item = document.querySelector(`#nav-${navItem}`);
const $item = document.querySelector(`#nav-${CSS.escape(navItem)}`);
$item.addEventListener('click', () => {
this.props.onItemSelected(navItem);
});
@@ -59,12 +59,12 @@ export default class PreferenceNav extends BaseComponent {
}
activate(navItem: string): void {
const $item = document.querySelector(`#nav-${navItem}`);
const $item = document.querySelector(`#nav-${CSS.escape(navItem)}`);
$item.classList.add('active');
}
deactivate(navItem: string): void {
const $item = document.querySelector(`#nav-${navItem}`);
const $item = document.querySelector(`#nav-${CSS.escape(navItem)}`);
$item.classList.remove('active');
}
}