Commit

[#149] Filter out chars to prevent XSS
scaron committed May 7, 2015
1 parent d0a7a04 commit 36463d4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions js/jquery.prettyPhoto.js
Expand Up @@ -2,10 +2,10 @@
Class: prettyPhoto
Use: Lightbox clone for jQuery
Author: Stephane Caron (http://www.no-margin-for-errors.com)
Version: 3.1.5
Version: 3.1.6
------------------------------------------------------------------------- */
(function($) {
$.prettyPhoto = {version: '3.1.5'};
$.prettyPhoto = {version: '3.1.6'};

$.fn.prettyPhoto = function(pp_settings) {
pp_settings = jQuery.extend({
Expand Down Expand Up @@ -885,7 +885,7 @@
function getHashtag(){
var url = location.href;
hashtag = (url.indexOf('#prettyPhoto') !== -1) ? decodeURI(url.substring(url.indexOf('#prettyPhoto')+1,url.length)) : false;

hashtag = hashtag.replace(/<|>/g,'');

boblastpass Jun 16, 2015

If hashtag==false, this will throw an exception.

Thanks!

return hashtag;
};
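
Review bot: `hashtag.replace(/<|>/g,'')` runs unconditionally, but the line above assigns `false` when the URL has no `#prettyPhoto` fragment, and `false` has no `replace` method, so `getHashtag()` now throws a TypeError on that path instead of returning `false`. Guard the call, for example `if (hashtag) { hashtag = hashtag.replace(/<|>/g,''); }`. Two further points on the same lines: the filter is applied after `decodeURI`, which is the right order for catching `%3C` and `%3E`, but it removes only `<` and `>`, so quotes and other characters pass through unchanged; the places that consume the return value are outside this hunk, so please confirm none of them puts it into an attribute, selector or script context, or replace the denylist with an allowlist of the characters a gallery hash can legitimately contain. `hashtag` is also assigned without `var`, which makes it an implicit global.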
