diff browser_side/contact.py @ 51:9f19e16187ff

browser side: HTML sanitization
author Goffi <goffi@goffi.org>
date Thu, 26 May 2011 23:03:45 +0200
parents 7cabe3c1a5f2
children f25c4077f6b9
--- a/browser_side/contact.py	Thu May 26 20:13:41 2011 +0200
+++ b/browser_side/contact.py	Thu May 26 23:03:45 2011 +0200
@@ -30,6 +30,7 @@
 from pyjamas.dnd import makeDraggable
 from pyjamas.ui.DragWidget import DragWidget, DragContainer
 from jid import JID
+from tools import html_sanitize
 
 class DragLabel(DragWidget):
 
@@ -65,7 +66,7 @@
 class GroupLabel(DragLabel, Label):
     def __init__(self, group):
         self.group = group
-        Label.__init__(self, group) #, Element=DOM.createElement('div')
+        Label.__init__(self, html_sanitize(group)) #, Element=DOM.createElement('div')
         self.setStyleName('group')
         DragLabel.__init__(self, group, "GROUP")
     
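Review bot: Only the text handed to `Label.__init__` is escaped in `GroupLabel.__init__`; `self.group` and the `DragLabel.__init__(self, group, "GROUP")` call keep the raw value, and nothing in the code says this is intentional. If the raw group name later reaches another HTML sink, which cannot be seen from this hunk, it would have to be escaped again at that point. I would add a comment above the call, for example `# escape for display only; self.group and the drag payload keep the raw name`. The same applies to the `Label.__init__(self, html_sanitize(name))` line in the next hunk, where `jid` stays raw. It is also worth confirming that `Label` inserts its text as markup, because otherwise the escaped entities would be displayed literally.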
@@ -74,7 +75,7 @@
     def __init__(self, jid, name=None):
         if not name:
             name=jid
-        Label.__init__(self, name)
+        Label.__init__(self, html_sanitize(name))
         self.jid=jid
         self.setStyleName('contact')
         DragLabel.__init__(self, jid, "CONTACT")
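Review bot: When `name` is not given it falls back to `jid`, so `html_sanitize(name)` now receives whatever type `jid` has rather than a known string. `html_sanitize` comes from `tools` and is not shown here; if it relies on string methods and `jid` is a `JID` object, the fallback path could fail or behave differently from the named path. This is inferred and should be checked against the callers. If `jid` is not already a string, converting it in the fallback branch, `name = str(jid)`, would make the display path independent of the argument type. The class header for this `__init__` lies outside the hunk.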