Changes between Initial Version and Version 1 of Ticket #40342, comment 8
- Timestamp:
- 05/12/2017 08:01:19 PM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #40342, comment 8
initial v1 1 @maguiar Thanks for your patch here!1 @maguiar & @menakas Thanks for your patch here! 2 2 3 3 I'm a little concerned by the use of `.html()` here because its content gets evaluated presenting a potential XSS vector. testing this I wasn’t able to exploit, however it would be better to replace only the inner name part with `.text()` which isn't evaluated, do you think that is possible? we can add an additional span wrapper in the html if you need a way to target the inner name part.