toasterui: use text() instead of html()

Use the text() jQuery function instead of the html() one for security reasons. Signed-off-by: Belen Barros Pena <belen.barros.pena@intel.com>
author: Belen Barros Pena <belen.barros.pena@intel.com> 2015-02-02 17:40:21 +0000
committer: Alexandru DAMIAN <alexandru.damian@intel.com> 2015-02-09 17:54:34 +0000
commit: b96457870b40ba60dd5c86d83c43093d09b70aea (patch)
tree: b1d0fdfc54e0188a511adccd34f699098a60bf9f
parent: b7b1e64f650c9ea676714209b9d6e7efeca992be (diff)
download: bitbake-b96457870b40ba60dd5c86d83c43093d09b70aea.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/toaster/toastergui/static/js/layerdetails.js b/lib/toaster/toastergui/static/js/layerdetails.js
index 2793225d..9339ae8b 100644
--- a/lib/toaster/toastergui/static/js/layerdetails.js
+++ b/lib/toaster/toastergui/static/js/layerdetails.js
@@ -252,10 +252,10 @@ function layerDetailsPageInit (ctx) {
           break;
       }
 
-      alertMsg.append("You have deleted <strong>1</strong> layer from <a id=\"project-affected-name\"></a>: <span id=\"layer-affected-name\"></span>");
+      alertMsg.append("You have deleted <strong>1</strong> layer from <a id=\"project-affected-name\"></a>: <strong id=\"layer-affected-name\"></strong>");
     }
 
-    alertMsg.children("#layer-affected-name").html("<strong>" + ctx.layerVersion.name + "</strong>");
+    alertMsg.children("#layer-affected-name").text(ctx.layerVersion.name);
     alertMsg.children("#project-affected-name").text(ctx.projectName);
     alertMsg.children("#project-affected-name").attr("href", ctx.projectPageUrl);
     $("#alert-area").show();
author	Belen Barros Pena <belen.barros.pena@intel.com>	2015-02-02 17:40:21 +0000
committer	Alexandru DAMIAN <alexandru.damian@intel.com>	2015-02-09 17:54:34 +0000
commit	b96457870b40ba60dd5c86d83c43093d09b70aea (patch)
tree	b1d0fdfc54e0188a511adccd34f699098a60bf9f
parent	b7b1e64f650c9ea676714209b9d6e7efeca992be (diff)
download	bitbake-b96457870b40ba60dd5c86d83c43093d09b70aea.zip