From 64d831f9513f31b20f039b2d95152ee40a689674 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Tue, 21 Jul 2015 19:17:06 +0200 Subject: [PATCH] Escape using jquery Fix #105 --- public/js/vroom.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/public/js/vroom.js b/public/js/vroom.js index e740ede..d9699a1 100644 --- a/public/js/vroom.js +++ b/public/js/vroom.js @@ -152,10 +152,7 @@ $('#switch_lang').change(function(){ // Escape entities to prevent XSS function stringEscape(string){ - string = string.replace(/[\u00A0-\u99999<>\&]/gim, function(i) { - return '&#' + i.charCodeAt(0) + ';'; - }); - return string; + return $('
').text(string).html(); } // Select a color (randomly) from this list, used for text chat, and the name under the preview