Merge pull request #2049 from jbennie44/W-5234018

W-5234018 - Fix XSS vulnerability in email admin screen
ExactTarget · Aug 1, 2018 · 027725d · 027725d
2 parents 5f96ade + e5f2d75
commit 027725d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/.bowerrc b/.bowerrc
@@ -0,0 +1,3 @@
+{
+  "registry": "https://registry.bower.io"
+}
diff --git a/js/tree.js b/js/tree.js
@@ -159,7 +159,7 @@
 						.removeClass('hide hidden')// jQuery deprecated hide in 3.0. Use hidden instead. Leaving hide here to support previous markup
 						.removeData('template')
 						.removeAttr('data-template');
-					$entity.find('.tree-' + nodeType + '-name > .tree-label').html(treeNode.text || treeNode.name);
+					$entity.find('.tree-' + nodeType + '-name > .tree-label')[self.options.html ? 'html' : 'text'](treeNode.text || treeNode.name);
 					$entity.data(treeNode);