Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-31 10:26:08 +01:00
Code Issues Packages Projects Releases Activity

fix "XSS" in the new empty tab, closes #2145

Browse Source
This commit is contained in:
zadam
2021-10-31 23:12:24 +01:00
parent b0c0ed8512
commit 7e41226549
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/public/app/services/note_autocomplete.js
View File

@@ -43,7 +43,7 @@ async function autocompleteSource(term, cb, options = {}) {
action: 'create-note', action: 'create-note',
noteTitle: term, noteTitle: term,
parentNoteId: activeNoteId || 'root', parentNoteId: activeNoteId || 'root',
highlightedNotePathTitle: `Create and link child note "${term}"` highlightedNotePathTitle: `Create and link child note "${utils.escapeHtml(term)}"`
} }
].concat(results); ].concat(results);
} }
@@ -53,7 +53,7 @@ async function autocompleteSource(term, cb, options = {}) {
{ {
action: 'external-link', action: 'external-link',
externalLink: term, externalLink: term,
highlightedNotePathTitle: `Insert external link to "${term}"` highlightedNotePathTitle: `Insert external link to "${utils.escapeHtml(term)}"`
} }
].concat(results); ].concat(results);
} }