Autocomplete demo: Combobox: Encode search term inside tooltips. Fixes #8859 - Autocomplete: XSS in combobox demo.
scottgonzalez committed Nov 27, 2012
1 parent c4b7c75 commit 5fee6fd5000072ff32f2d65b6451f39af9e0e39e
Showing with 1 addition and 1 deletion.
  1. +1 −1 demos/autocomplete/combobox.html
@@ -61,7 +61,7 @@
// remove invalid value, as it didn't match anything
$( element )
.val( "" )
.attr( "title", value + " didn't match any item" )
.attr( "title", $( "<a>" ).text( value ).html() + " didn't match any item" )
.tooltip( "open" );
select.val( "" );
setTimeout(function() {
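Review bot: The HTML encoding added on the `.attr( "title", ... )` line closes the injection at this single call site only; the tooltip widget still turns a title attribute into markup, so any other element given a tooltip with untrusted text stays exposed, and the escaping belongs in tooltip's default `content` option (as the thread below concludes) rather than in the demo. Once the widget escapes the title itself, the value pre-encoded here will be escaped twice and a search for `<` would render as `&lt;`, so this line should be reverted when the widget-level fix lands. The `$( "<a>" ).text( value ).html()` idiom is a correct HTML encoder but reads as a trick; a small named helper (for example `escapeHtml( value )`) would make the intent obvious to readers of the demo.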

3 comments on commit 5fee6fd

@jzaefferer

Member

replied Nov 27, 2012

Doesn't this just hide the underlying tooltip vulnerability? If so, tooltip would have to use .text() instead of .html(), and make it sane to override that.

@scottgonzalez

Member Author

replied Nov 27, 2012

hmm...yeah, tooltip should handle this in the default content option. Good catch, I'll fix that.

@scottgonzalez

Member Author

replied Nov 27, 2012

Fixed in f285440.
