- Ported a missing Drupal 6.1 security fix.

author: Dries Buytaert <dries@buytaert.net> 2008-03-23 14:55:26 +0000
committer: Dries Buytaert <dries@buytaert.net> 2008-03-23 14:55:26 +0000
commit: a01deb1b1a112d23589289e7ed491295b7611b85 (patch)
tree: 524398ccb1cc57aeb125f415ae766347ed2ff533 /misc/drupal.js
parent: eafa9312724f55c456744c9b6123a135b63712cb (diff)
download: brdo-a01deb1b1a112d23589289e7ed491295b7611b85.tar.gz
brdo-a01deb1b1a112d23589289e7ed491295b7611b85.tar.bz2
1 files changed, 2 insertions, 1 deletions
diff --git a/misc/drupal.js b/misc/drupal.js
index 04dd70c66..50498d873 100644
--- a/misc/drupal.js
+++ b/misc/drupal.js
@@ -51,7 +51,8 @@ Drupal.checkPlain = function(str) {
   str = String(str);
   var replace = { '&': '&amp;', '"': '&quot;', '<': '&lt;', '>': '&gt;' };
   for (var character in replace) {
-    str = str.replace(character, replace[character]);
+    var regex = new RegExp(character, 'g');
+    str = str.replace(regex, replace[character]);
   }
   return str;
 };
author	Dries Buytaert <dries@buytaert.net>	2008-03-23 14:55:26 +0000
committer	Dries Buytaert <dries@buytaert.net>	2008-03-23 14:55:26 +0000
commit	a01deb1b1a112d23589289e7ed491295b7611b85 (patch)
tree	524398ccb1cc57aeb125f415ae766347ed2ff533 /misc/drupal.js
parent	eafa9312724f55c456744c9b6123a135b63712cb (diff)
download	brdo-a01deb1b1a112d23589289e7ed491295b7611b85.tar.gz brdo-a01deb1b1a112d23589289e7ed491295b7611b85.tar.bz2