Permalink
Browse files

Escaping url passed in like frame

  • Loading branch information...
1 parent fc6e1cc commit 9527c819f3c498575ce21e8b6360710e7827d2d1 @mackers mackers committed May 17, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 chrome/content/toolbar.js
@@ -374,7 +374,7 @@ var facebook = {
var curUrl = lif.contentWindow.location;
var loadFlags = (curUrl == url) ? Ci.nsIWebNavigation.LOAD_FLAGS_BYPASS_CACHE : Ci.nsIWebNavigation.LOAD_FLAGS_NONE;
lif.webNavigation.loadURI(
- 'https://www.facebook.com/plugins/like.php?action=like&colorscheme=light&href='+url+'&layout=button_count&src=fftb',
+ 'https://www.facebook.com/plugins/like.php?action=like&colorscheme=light&href='+encodeURIComponent(url)+'&layout=button_count&src=fftb',
loadFlags,
null, null, null);
}

0 comments on commit 9527c81

Please sign in to comment.