paulmataruso/zulip-desktop
1
0
Fork 0
mirror of https://github.com/zulip/zulip-desktop.git synced 2025-11-01 20:43:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

sidebar: Escape HTML for already added realm.

Browse Source 
For the new servers we are already pushing the realm
details after escaping data but for already saved servers
we should escape the same to avoid any security issue.
This commit is contained in:
Akash Nimare
2018-06-05 02:23:18 +05:30
parent 1eabf5c5a2
commit f7696cc04d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/renderer/js/main.js
View File

@@ -227,7 +227,7 @@ class ServerManagerView {
}
onHover(index, serverName) {
this.$serverIconTooltip[index].innerText = serverName;
this.$serverIconTooltip[index].innerHTML = escape(serverName);
this.$serverIconTooltip[index].removeAttribute('style');
// To handle position of servers' tooltip due to scrolling of list of organizations
// This could not be handled using CSS, hence the top of the tooltip is made same