SECURITY: Backported XSS fixes from Handlebars

This commit is contained in:
Robin Ward
2015-11-24 16:07:47 -05:00
parent f4d44187c8
commit 434deb1bd3
22 changed files with 70 additions and 30 deletions
@@ -76,6 +76,6 @@ Discourse.Dialect.on('parseNode', function (event) {
} else {
regexp = /^ +| +$/g;
}
node[node.length-1] = Handlebars.Utils.escapeExpression(contents.replace(regexp,''));
node[node.length-1] = Discourse.Utilities.escapeExpression(contents.replace(regexp,''));
}
});