[Pkg-owncloud-commits] [owncloud] 01/07: Media: Escape HTML

David Prévot taffit at alioth.debian.org
Fri Nov 8 23:09:53 UTC 2013


This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to annotated tag v4.0.15
in repository owncloud.

commit 1fb796c2f1a592a0aae05a90e45c1a348096275f
Author: Lukas Reschke <lukas at statuscode.ch>
Date:   Mon Apr 22 20:39:52 2013 +0200

    Media: Escape HTML
---
 apps/media/js/collection.js |   40 ++++++++++++++++++++--------------------
 apps/media/js/player.js     |    8 ++++----
 apps/media/js/playlist.js   |    6 +++---
 3 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/apps/media/js/collection.js b/apps/media/js/collection.js
index 161fc0c..74efd3a 100644
--- a/apps/media/js/collection.js
+++ b/apps/media/js/collection.js
@@ -62,14 +62,14 @@ Collection={
 							Collection.albumsById[song.song_album].songs.push(songData);
 						}
 					}
-					
+
 					Collection.artists.sort(function(a,b){
 						if(!a.name){
 							return -1;
 						}
 						return a.name.localeCompare(b.name);
 					});
-					
+
 					Collection.loaded=true;
 					Collection.loading=false;
 					for(var i=0;i<Collection.loadedListeners.length;i++){
@@ -97,20 +97,20 @@ Collection={
 					if(artist.name && artist.songs.length>0){
 						var tr=template.clone().removeClass('template');
 						if(artist.songs.length>1){
-							tr.find('td.title a').html(artist.songs.length+' '+t('media','songs'));
-							tr.find('td.album a').html(artist.albums.length+' '+t('media','albums'));
+							tr.find('td.title a').text(artist.songs.length+' '+t('media','songs'));
+							tr.find('td.album a').text(artist.albums.length+' '+t('media','albums'));
 						}else{
-							tr.find('td.title a').html(artist.songs[0].name);
-							tr.find('td.album a').html(artist.albums[0].name);
+							tr.find('td.title a').text(artist.songs[0].name);
+							tr.find('td.album a').text(artist.albums[0].name);
 						}
-						tr.find('td.artist a').html(artist.name);
+						tr.find('td.artist a').text(artist.name);
 						tr.data('artistData',artist);
 						tr.find('td.artist a').click(function(event){
 							event.preventDefault();
 							PlayList.add(artist);
 							PlayList.play(0);
 							Collection.parent.find('tr').removeClass('active');
-							$('tr[data-artist="'+artist.name+'"]').addClass('active');
+							$('tr[data-artist="'+escapeHTML(artist.name)+'"]').addClass('active');
 						});
 						var expander='';
 						if(artist.songs.length>1){
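Review bot: The selector built in `$('tr[data-artist="'+escapeHTML(artist.name)+'"]')` applies HTML entity escaping where the context is a CSS attribute selector, which has different metacharacters; escapeHTML is not defined in this diff, but an HTML escaper would presumably leave a backslash or a closing bracket in a tag name untouched. The lookup also matches only rows whose attribute was stored with the same encoded value, as the `newRow.attr('data-artist', ...)` lines later in this file do. Storing the raw name and comparing it directly avoids building a selector from file metadata at all: `Collection.parent.find('tr').filter(function(){return $(this).attr('data-artist')===artist.name;}).addClass('active');`. The same pattern recurs in the `data-album` and `data-title` click handlers and in the hideArtist, showAlbum and hideAlbum selectors in the hunks below. The enclosing function starts and ends outside this hunk.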
@@ -158,7 +158,7 @@ Collection={
 						PlayList.add(album);
 						PlayList.play(0);
 						Collection.parent.find('tr').removeClass('active');
-						$('tr[data-album="'+album.name+'"]').addClass('active');
+						$('tr[data-album="'+escapeHTML(album.name)+'"]').addClass('active');
 					});
 					if(album.songs.length>1){
 						var expander=$('<a class="expander">v </a>');
@@ -184,12 +184,12 @@ Collection={
 					PlayList.add(song);
 					PlayList.play(0);
 					Collection.parent.find('tr').removeClass('active');
-					$('tr[data-title="'+song.name+'"]').addClass('active');
+					$('tr[data-title="'+escapeHTML(song.name)+'"]').addClass('active');
 				});
-				newRow.attr('data-album',album.name);
-				newRow.attr('data-title',song.name);
-				newRow.attr('data-artist',artist.name);
-				newRow.data('albumData',album);
+				newRow.attr('data-album', escapeHTML(album.name));
+				newRow.attr('data-title', escapeHTML(song.name));
+				newRow.attr('data-artist', escapeHTML(artist.name));
+				newRow.data('albumData', escapeHTML(album));
 				if(!first){
 					lastRow.after(newRow);
 				}
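Review bot: `newRow.data('albumData', escapeHTML(album))` passes the album object, not a string, through escapeHTML, even though .data() never reaches an HTML sink. showAlbum and hideAlbum later read this value back and hideAlbum uses `albumData.songs.length`, which will fail if escapeHTML returns a string (its definition is not in this diff). This line should stay `newRow.data('albumData',album);`. The same applies to `Collection.addButtons(tr, escapeHTML(artist))` in the hideArtist hunk, where `artist` has already been reassigned to the `artistData` object, so that call should remain `Collection.addButtons(tr,artist);`. The enclosing function starts and ends outside this hunk.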
@@ -203,7 +203,7 @@ Collection={
 		tr.find('td.artist-expander a.expander').text('v');
 	},
 	hideArtist:function(artist){
-		var tr=Collection.parent.find('tr[data-artist="'+artist+'"]');
+		var tr=Collection.parent.find('tr[data-artist="'+escapeHTML(artist)+'"]');
 		var artist=tr.first().data('artistData');
 		tr.first().find('td.album a').first().text(artist.albums.length+' '+t('media','albums'));
 		tr.first().find('td.album-expander a.expander').remove();
@@ -218,10 +218,10 @@ Collection={
 		tr.find('td.artist-expander a.expander').data('expanded',false);
 		tr.find('td.artist-expander a.expander').removeClass('expanded');
 		tr.find('td.artist-expander a.expander').text('>');
-		Collection.addButtons(tr,artist);
+		Collection.addButtons(tr, escapeHTML(artist));
 	},
 	showAlbum:function(artist,album){
-		var tr = Collection.parent.find('tr[data-artist="'+artist+'"][data-album="'+album+'"]');
+		var tr = Collection.parent.find('tr[data-artist="'+escapeHTML(artist)+'"][data-album="'+escapeHTML(album)+'"]');
 		var lastRow=tr;
 		var albumData=tr.data('albumData');
 		tr.find('td.album-expander a.expander').data('expanded',true);
@@ -243,7 +243,7 @@ Collection={
 				PlayList.add(song);
 				PlayList.play(0);
 				Collection.parent.find('tr').removeClass('active');
-				$('tr[data-title="'+song.name+'"]').addClass('active');
+				$('tr[data-title="'+escapeHTML(song.name)+'"]').addClass('active');
 			});
 			if(i>0){
 				lastRow.after(newRow);
@@ -252,7 +252,7 @@ Collection={
 		});
 	},
 	hideAlbum:function(artist,album){
-		var tr = Collection.parent.find('tr[data-artist="'+artist+'"][data-album="'+album+'"]');
+		var tr = Collection.parent.find('tr[data-artist="'+escapeHTML(artist)+'"][data-album="'+escapeHTML(album)+'"]');
 		var albumData=tr.data('albumData');
 		tr.first().find('td.title a').text(albumData.songs.length+' '+t('media','songs'));
 		tr.find('td.album-expander a.expander').data('expanded',false);
@@ -365,4 +365,4 @@ $(document).ready(function(){
 		});
 		Scanner.scanCollection();
 	});
-});
+});
\ No newline at end of file
diff --git a/apps/media/js/player.js b/apps/media/js/player.js
index ad40683..8fd7809 100644
--- a/apps/media/js/player.js
+++ b/apps/media/js/player.js
@@ -53,8 +53,8 @@ var PlayList={
 					}else{
 						var next=0;
 					}
-					$('.jp-next').attr('title',items[next].name);
-					$('.jp-previous').attr('title',items[previous].name);
+					$('.jp-next').attr('title',escapeHTML(items[next].name));
+					$('.jp-previous').attr('title',escapeHTML(items[previous].name));
 					if (typeof Collection !== 'undefined') {
 						Collection.registerPlay();
 					}
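Review bot: `.attr('title',escapeHTML(items[next].name))` encodes a value for a sink that does not parse HTML: jQuery's .attr() stores the string as given, so a name containing `&` or `<` is kept as literal entities, and the tipsy calls visible at the end of this file do not set `html:true`. The same holds for `document.title` in the `play` callback in the next hunk, which is a plain-text property and will likely show `&amp;` in the window title. Both can take the raw value, e.g. `$('.jp-next').attr('title',items[next].name);`, with escaping applied only where a string is inserted as markup. If some tooltip code outside this diff does render these titles as HTML, keep the escaping and add a comment naming that consumer. The enclosing function starts outside this hunk.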
@@ -96,7 +96,7 @@ var PlayList={
 			},
 			play:function(event){
 				OC.localStorage.setItem('playlist_playing',true);
-				document.title = "\u25b8 " + event.jPlayer.status.media.name + " - " + event.jPlayer.status.media.artist + " - ownCloud";
+				document.title = "\u25b8 " + escapeHTML(event.jPlayer.status.media.name) + " - " + escapeHTML(event.jPlayer.status.media.artist) + " - ownCloud";
 			},
 			supplied:type,
 			ready:function(){
@@ -211,4 +211,4 @@ $(document).ready(function(){
 
 	$('jp-previous').tipsy({gravity:'n', fade:true, live:true});
 	$('jp-next').tipsy({gravity:'n', fade:true, live:true});
-})
+})
\ No newline at end of file
diff --git a/apps/media/js/playlist.js b/apps/media/js/playlist.js
index 8e9e2a9..68fe0b3 100644
--- a/apps/media/js/playlist.js
+++ b/apps/media/js/playlist.js
@@ -14,8 +14,8 @@ PlayList.render=function(){
 		var item=PlayList.items[i];
 		var li=$('<li/>');
 		li.attr('class', 'jp-playlist-' + i);
-		li.attr('title', item.artist + ' - ' + item.name + '<br/>(' + item.album + ')');
-		var div = $('<div class="label">' + item.name + '</div>');
+		li.attr('title', escapeHTML(item.artist) + ' - ' + escapeHTML(item.name) + '<br/>(' + escapeHTML(item.album) + ')');
+		var div = $('<div class="label">' + escapeHTML(item.name) + '</div>');
 		li.append(div);
 		$('.jp-playlist-' + i).tipsy({gravity:'w', fade:true, live:true, html:true});
 		var img=$('<img class="remove svg action" src="'+OC.imagePath('core','actions/delete')+'"/>');
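Review bot: The escaping of the `title` attribute is only correct because tipsy is configured with `html:true` two lines below and renders that attribute as markup, and nothing in the code says so. A short comment such as `// title is rendered as HTML by tipsy (html:true), so each field is escaped here` would keep the two from drifting apart. For the label, creating the node without string concatenation is less fragile than relying on the escaper: `var div = $('<div class="label"/>').text(item.name);`. PlayList.render's loop starts and ends outside this hunk.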
@@ -54,4 +54,4 @@ $(document).ready(function(){
 			$('#leftcontent li.song input:checkbox').parent().removeClass('selected');
 		}
 	});
-});
+});
\ No newline at end of file

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git


