Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-98j8-hvjv-x47j
Use .text instead of .html to render messages
  • Loading branch information
PierreRambaud committed Apr 15, 2020
2 parents b6aea15 + 1e20e06 commit fc0625f
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions admin-dev/themes/new-theme/js/pages/import/ImportPage.js
Expand Up @@ -160,8 +160,8 @@ export default class ImportPage {

const fileData = fileName + ' (' + this.humanizeSize(fileSize) + ')';

$alert.find('.js-file-data').html(fileData);
$alert.find('.js-error-message').html(message);
$alert.find('.js-file-data').text(fileData);
$alert.find('.js-error-message').text(message);
$alert.removeClass('d-none');
}

Expand Down
2 changes: 1 addition & 1 deletion admin-dev/themes/new-theme/public/imports.bundle.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit fc0625f

Please sign in to comment.