Create the narrowbar using a Handlebars template

This fixes an XSS hole (#249). (imported from commit 5f70c0bc23e0d992f2d85889e2ba9157f1b73b3a)
2025-11-06 15:03:34 +00:00 · 2012-10-31 15:36:03 -04:00
parent 5a3d52baa7
commit 5a7b307d71
4 changed files with 33 additions and 10 deletions
--- a/zephyr/static/js/setup.js
+++ b/zephyr/static/js/setup.js
@@ -13,7 +13,8 @@ $(function () {
    }

    // Compile Handlebars templates.
-    $.each(['message', 'subscription', 'userinfo_popover_title', 'userinfo_popover_content'],
+    $.each(['message', 'subscription', 'narrowbar',
+            'userinfo_popover_title', 'userinfo_popover_content'],
        function (index, name) {
            templates[name] = Handlebars.compile($('#template_'+name).html());
        }