Updated client-side DOM manipulation functions to unescape char-codes before injecting them via innerText instead of raw-dogging it into innerHTML

2025-04-12 07:21:36 -04:00 · 2025-04-12 07:21:36 -04:00 · 4ed4b572f2
commit 4ed4b572f2
parent e46513cc1a
10 changed files with 25 additions and 26 deletions
--- a/www/js/channel/panels/queuePanel/queuePanel.js
+++ b/www/js/channel/panels/queuePanel/queuePanel.js
@ -833,6 +833,7 @@ class queuePanel extends panelObj{
                timetip.moveToMouse(event);

                //Inject timetip label
+                //Normally wouldn't do innerHTML but these values are calculated serverside and it saves us making a <br> element
                timetip.tooltip.innerHTML = [
                    `Start Time: ${utils.ux.timeStringFromDate(start, true)}`,
                    `End Time: ${utils.ux.timeStringFromDate(new Date(start.getTime() + (target.dataset['duration'] * 1000)), true)}`