escape javascript strings in todo creation and update

Michael Witrant 2011-03-06 17:30:45 +08:00 committed by Reinier Balt
parent 04f11c6b0c
commit 139b348d09
2 changed files with 5 additions and 5 deletions


@ -1,5 +1,5 @@
<% if @saved -%>
TracksPages.page_notify('notice', "<%=@status_message%>", 5);
TracksPages.page_notify('notice', "<%=escape_javascript @status_message%>", 5);
TracksPages.hide_errors();
TracksPages.set_page_badge(<%= @down_count %>);
<% if should_show_new_item -%>
@ -18,9 +18,9 @@
function clear_form() {
$('#todo-form-new-action').clearForm();
$('#todo-form-new-action').clearDeps();
TracksForm.set_context_name('<%=@initial_context_name%>');
TracksForm.set_project_name('<%=@initial_project_name%>');
TracksForm.set_tag_list('<%=@default_tags%>');
TracksForm.set_context_name('<%=escape_javascript @initial_context_name%>');
TracksForm.set_project_name('<%=escape_javascript @initial_project_name%>');
TracksForm.set_tag_list('<%=escape_javascript @default_tags%>');
$('#todo-form-new-action input:text:first').focus();
}
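Review bot: escape_javascript only makes the value safe inside the JavaScript string literal; it does not neutralise HTML markup, so the new page_notify line in the first hunk is still exposed if TracksPages.page_notify writes its message into the page as HTML (its implementation is not visible here) and @status_message can carry user-supplied text. The same applies to the page_notify call in the second changed template. If that is how the helper works, HTML-escape before JS-escaping, e.g. `TracksPages.page_notify('notice', "<%= escape_javascript(h(@status_message)) %>", 5);`, or have page_notify insert the message as text rather than markup. The three TracksForm setters in clear_form() deserve the same check against how they use their argument, and any other `<%= %>` interpolations in these templates outside the visible hunks should be reviewed for the same pattern.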


@ -20,7 +20,7 @@
%>
<%= render_animation(animation) %>
TracksPages.page_notify('notice', '<%=@status_message%>', 5);
TracksPages.page_notify('notice', '<%=escape_javascript @status_message%>', 5);
TracksPages.set_page_badge(<%= @down_count %>);
<% end %>
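Review bot: The new page_notify line here wraps the message in single quotes while the same call in the other template uses double quotes, and the helper is called without parentheses inside `<%= %>`. escape_javascript covers both quote characters, so this is a readability point rather than a defect, but one quoting style and an explicit call such as `<%= escape_javascript(@status_message) %>` make it easier to audit that every interpolation into a JS string goes through the helper. The enclosing ERB block starts above this hunk, so the rest of the template is not visible here.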