From: Magnus Hagander <magnus@hagander.net>
Date: Sun, 25 Nov 2012 15:15:52 +0000 (+0100)
Subject: Escape HTML in thread dropdown when using javascript
X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=a2e09adfc94f109c24541fc314dabfb7cbf25afc;p=pgarchives.git

Escape HTML in thread dropdown when using javascript
---

diff --git a/django/archives/mailarchives/templates/message.html b/django/archives/mailarchives/templates/message.html
index 599d827..4eef750 100644
--- a/django/archives/mailarchives/templates/message.html
+++ b/django/archives/mailarchives/templates/message.html
@@ -11,6 +11,7 @@ function onThreadSelect() {
 $(function(){
    $('select#thread_select').selectmenu({
       style:'dropdown',
+      escapeHtml:true,
       icons:[
          {find:'.hasatt', icon: 'ui-icon-document'},
       ]