Author: kkolinko
Date: Thu Mar 22 23:36:47 2012
New Revision: 1304135
URL: http://svn.apache.org/viewvc?rev=1304135&view=rev
Log:
In "echo" websocket example: Treat the text typed by user and echoed by server
as plain text instead of HTML, effectively safe-guarding it.
Just noting that "chat" example is different and safe-guards at the server side.
Modified:
tomcat/trunk/webapps/examples/websocket/echo.html
Modified: tomcat/trunk/webapps/examples/websocket/echo.html
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/websocket/echo.html?rev=1304135&r1=1304134&r2=1304135&view=diff
==============================================================================
--- tomcat/trunk/webapps/examples/websocket/echo.html (original)
+++ tomcat/trunk/webapps/examples/websocket/echo.html Thu Mar 22 23:36:47 2012
@@ -111,7 +111,7 @@
var console = document.getElementById('console');
var p = document.createElement('p');
p.style.wordWrap = 'break-word';
- p.innerHTML = message;
+ p.appendChild(document.createTextNode(message));
console.appendChild(p);
while (console.childNodes.length > 25) {
console.removeChild(console.firstChild);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
