mirror of
https://github.com/Combodo/iTop.git
synced 2026-04-23 18:48:51 +02:00
N°532 autocomplete : fix regressions introduced in ebb541e4
* multiple separator * XSS filter * search field value reset
This commit is contained in:
@@ -349,7 +349,10 @@
|
||||
$input.val( words.join(options.multipleSeparator) + (words.length ? options.multipleSeparator : "") );
|
||||
}
|
||||
else {
|
||||
$input.val( "" );
|
||||
// N°532
|
||||
// do NOT clear the typed text when the value does not match one of the possible values, but clear the
|
||||
// actual underlying value so that the input field gets marked as "invalid" if it is mandatory.
|
||||
// $input.val("");
|
||||
$input.trigger("result", null);
|
||||
}
|
||||
}
|
||||
@@ -491,7 +494,7 @@
|
||||
autoFill: false,
|
||||
width: 0,
|
||||
multiple: false,
|
||||
multipleSeparator: " ",
|
||||
multipleSeparator: ", ",
|
||||
inputFocus: true,
|
||||
clickFire: false,
|
||||
highlight: function(value, term) {
|
||||
@@ -775,6 +778,8 @@
|
||||
var formatted = options.formatItem(data[i].data, i+1, max, data[i].value, term);
|
||||
if ( formatted === false )
|
||||
continue;
|
||||
// Escape dangerous characters to prevent XSS vulnerabilities
|
||||
formatted = formatted.replace('&', '&').replace('"', '"').replace('>', '>').replace('<', '<');
|
||||
var li = $("<li/>").html( options.highlight(formatted, term) ).addClass(i%2 == 0 ? "ac_even" : "ac_odd").appendTo(list)[0];
|
||||
$.data(li, "ac_data", data[i]);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user