rainbownapkin/canopy
1
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions

Updated client-side DOM manipulation functions to unescape char-codes before injecting them via innerText instead of raw-dogging it into innerHTML

Browse source
This commit is contained in:
rainbow napkin 2025-04-12 07:21:36 -04:00
parent e46513cc1a
commit 4ed4b572f2
10 changed files with 25 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
www/js/profile.js
View file

@ -102,7 +102,7 @@ class profileUpdateTextPrompt extends profileUpdatePrompt{
const update = await utils.ajax.updateProfile(updateObj);
//Fill content from update, make sure to add line breaks for the bio
this.contentNode.innerHTML = update[this.field].replaceAll('\n','<br>');
this.contentNode.textContent = utils.unescapeEntities(update[this.field].replaceAll('\n','<br>'));
}
}
}