sanitize your own accountName

pull/1/head
ansuz 4 years ago
parent b44bd01bc5
commit ceebb99134

@ -1650,7 +1650,7 @@ define([
var $displayedName = $('<span>', {'class': displayNameCls}); var $displayedName = $('<span>', {'class': displayNameCls});
var priv = metadataMgr.getPrivateData(); var priv = metadataMgr.getPrivateData();
var accountName = priv.accountName; var accountName = Util.fixHTML(priv.accountName);
var origin = priv.origin; var origin = priv.origin;
var padType = metadataMgr.getMetadata().type; var padType = metadataMgr.getMetadata().type;
@ -1660,7 +1660,8 @@ define([
var $userAdminContent = $('<p>'); var $userAdminContent = $('<p>');
if (accountName) { if (accountName) {
var $userAccount = $('<span>').append(Messages.user_accountName + ': '); var $userAccount = $('<span>').append(Messages.user_accountName + ': ');
$userAdminContent.append($userAccount).append(Util.fixHTML(accountName));
$userAdminContent.append($userAccount).append(accountName);
$userAdminContent.append($('<br>')); $userAdminContent.append($('<br>'));
} }
if (config.displayName && !AppConfig.disableProfile) { if (config.displayName && !AppConfig.disableProfile) {

Loading…
Cancel
Save