diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index c78f938d2..729d0468b 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -163,10 +163,13 @@ define([ // var isArray = function (o) { return Object.prototype.toString.call(o) === '[object Array]'; }; var isArray = common.isArray = $.isArray; - var fixHTML = common.fixHTML = function (html) { - return html.replace(/&"']/g, function (x) { + return ({ "<": "<", ">": ">", "&": "&", '"': """, "'": "'" })[x]; + }); }; + var truncate = common.truncate = function (text, len) { if (typeof(text) === 'string' && text.length > len) { return text.slice(0, len) + '…'; @@ -1142,22 +1145,22 @@ define([ var $displayedName = $('', {'class': config.displayNameCls || 'displayName'}); var accountName = localStorage[common.userNameKey]; var account = isLoggedIn(); - var $userAdminContent = $('

'); - if (account) { - var $userAccount = $('', {'class': 'userAccount'}).append(Messages.user_accountName + ': ' + accountName); - $userAdminContent.append($userAccount); - $userAdminContent.append($('
')); - } var $userName = $('', {'class': 'userDisplayName'}); - if (config.displayName) { - // Hide "Display name:" in read only mode - $userName.append(Messages.user_displayName + ': '); - $userName.append($displayedName.clone()); - } - //$userName.append($displayedName.clone()); TODO remove ? - $userAdminContent.append($userName); var options = []; if (config.displayNameCls) { + var $userAdminContent = $('

'); + if (account) { + var $userAccount = $('', {'class': 'userAccount'}).append(Messages.user_accountName + ': ' + fixHTML(accountName)); + $userAdminContent.append($userAccount); + $userAdminContent.append($('
')); + } + if (config.displayName) { + // Hide "Display name:" in read only mode + $userName.append(Messages.user_displayName + ': '); + $userName.append($displayedName.clone()); + } + //$userName.append($displayedName.clone()); TODO remove ? + $userAdminContent.append($userName); options.push({ tag: 'p', attributes: {'class': 'accountData'},