Skip to content
Permalink
Browse files Browse the repository at this point in the history
e835ddc5b800c47f7e9e32a91cc522f8ca7ced5c Fix: If an array was passed …
…to the HTML escape entities function it would not have its contents escaped

Many thanks to Alessio Della Libera of Snyk for finding and reporting this.

Sync to source repo @e835ddc5b800c47f7e9e32a91cc522f8ca7ced5c
  • Loading branch information
Allan Jardine committed Sep 21, 2021
1 parent 7e67f10 commit 59a8d3f
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 7 deletions.
2 changes: 1 addition & 1 deletion datatables.json
Expand Up @@ -9,5 +9,5 @@
],
"src-repo": "http://github.com/DataTables/DataTablesSrc",
"last-tag": "1.11.2",
"last-sync": "ea607c6e51e76d13efc341b5d41f5082a33b56e0"
"last-sync": "e835ddc5b800c47f7e9e32a91cc522f8ca7ced5c"
}
4 changes: 4 additions & 0 deletions js/jquery.dataTables.js
Expand Up @@ -15064,6 +15064,10 @@
*/

var __htmlEscapeEntities = function ( d ) {
if (Array.isArray(d)) {
d = d.join(',');
}

return typeof d === 'string' ?
d
.replace(/&/g, '&')
Expand Down
12 changes: 6 additions & 6 deletions js/jquery.dataTables.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 59a8d3f

Please sign in to comment.