paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-04 22:13:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

compose: HTML-escape errors from server for compose_error.

Browse Source 
Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg
2021-04-09 17:26:13 -07:00
committed by Tim Abbott
parent 4a3ad0da06
commit c4b60acf9c
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
static/js/compose.js
View File

@@ -379,7 +379,7 @@ export function send_message(request = create_message_object()) {
// If we're not local echo'ing messages, or if this message was not
// locally echoed, show error in compose box
if (!locally_echoed) {
compose_error(response, $("#compose-textarea"));
compose_error(_.escape(response), $("#compose-textarea"));
return;
}
@@ -1149,7 +1149,7 @@ export function initialize() {
function failure(error_msg) {
clear_invites();
compose_error(error_msg, $("#compose-textarea"));
compose_error(_.escape(error_msg), $("#compose-textarea"));
$(event.target).prop("disabled", true);
}