[FIX] security problem in im

author niv-openerp <nicolas.vanhoren@openerp.com>

Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)

committer niv-openerp <nicolas.vanhoren@openerp.com>

Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)
author niv-openerp <nicolas.vanhoren@openerp.com>
Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)
committer niv-openerp <nicolas.vanhoren@openerp.com>
Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)
diff --git a/addons/im/static/src/js/im_common.js b/addons/im/static/src/js/im_common.js

index e0692ed..43ffdd9 100644 (file)
--- a/addons/im/static/src/js/im_common.js
+++ b/addons/im/static/src/js/im_common.js
@@ -522,7 +522,7 @@ function declare($, _, openerp) {
              var url = _.escape(result[0]);
              txt += '<a href="' + url + '">' + url + '</a>';
          }
-        txt += str.slice(last, str.length);
+        txt += _.escape(str.slice(last, str.length));
          return txt;
      };
author	niv-openerp <nicolas.vanhoren@openerp.com>
	Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)
committer	niv-openerp <nicolas.vanhoren@openerp.com>
	Wed, 11 Sep 2013 16:34:52 +0000 (18:34 +0200)