> On Nov. 5, 2012, 11:57 p.m., Benjamin Hindman wrote: > > src/webui/master/static/jquery.pailer.js, line 204 > > <https://reviews.apache.org/r/7854/diff/1/?file=185196#file185196line204> > > > > Just a question: since 'element' can be "anything", I suppose there is > > no way to say to the 'element': don't render HTML? Is that correct?
If we could use the .text() atribute it automatically escapes stuff. http://api.jquery.com/text/ It does some magic and aggregates the text for all things under element, so I hesitate to use it. - Ben ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/7854/#review13119 ----------------------------------------------------------- On Nov. 3, 2012, 9:06 p.m., Ben Mahler wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/7854/ > ----------------------------------------------------------- > > (Updated Nov. 3, 2012, 9:06 p.m.) > > > Review request for mesos, Benjamin Hindman and Brian Wickman. > > > Description > ------- > > Added our own helper because it appears jquery doesn't support it: > http://bugs.jquery.com/ticket/11773 > > Ideally, the pailer shouldn't need 3rd party libraries, so I based this on > _.escape from underscore.js (although simplified to not have to consider > unescaping). > > > Diffs > ----- > > src/webui/master/static/jquery.pailer.js > 9bcaf01f48941ab75f1156ad27c6ff03d5ede68b > > Diff: https://reviews.apache.org/r/7854/diff/ > > > Testing > ------- > > Manually tested with local runs. > > > Screenshots > ----------- > > before > https://reviews.apache.org/r/7854/s/11/ > after > https://reviews.apache.org/r/7854/s/12/ > > > Thanks, > > Ben Mahler > >
