From dd2bb2f82f20eec33ebf99c81b61d213c91b299b Mon Sep 17 00:00:00 2001
From: Alexander Pickering <alexandermpickering@gmail.com>
Date: Mon, 9 May 2016 15:21:19 -0400
Subject: Added a html escaper to parse bugs

---
 ws2a/bugsload.js | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'ws2a/bugsload.js')

diff --git a/ws2a/bugsload.js b/ws2a/bugsload.js
index 4c8b007..1212e15 100644
--- a/ws2a/bugsload.js
+++ b/ws2a/bugsload.js
@@ -1,8 +1,18 @@
+function htmlEscape(str) {
+    return String(str)
+        .replace(/&/g, '&amp;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/\//g, '&#x2F;');
+}
+
 function loadLastBugs() {
   var xhttp = new XMLHttpRequest();
   xhttp.onreadystatechange = function() {
     if (xhttp.readyState == 4 && xhttp.status == 200) {
-     document.getElementById("bugstable").innerHTML = xhttp.responseText;
+     document.getElementById("bugstable").innerHTML = htmlEscape(xhttp.responseText);
     }
   };
   xhttp.open("GET", "/cgi-bin/bugsdata.cgi", true);
-- 
cgit v1.2.3-70-g09d2