jquery-ui

library-mirrors/jquery-ui

Fork 0

mirror of https://github.com/jquery/jquery-ui.git synced 2024-11-21 11:04:24 +00:00

Commit Graph

Author	SHA1	Message	Date
Michał Gołębiowski-Owczarek	8cc5bae1ca	Checkboxradio: Don't re-evaluate text labels as HTML If you generate a Checkboxradio from a checkbox/radio with a label that contains encoded HTML, e.g. `<em>test</em>` this will work fine at first. If, however a refresh is triggered on that instance (explicitly or e.g. by turning it into a `Controlgroup`), the previously escaped HTML will now be evaluated. If the label was created based on some user input, this could lead to unexpected code execution even though the initial output was escaped. Fixes gh-2101 Closes gh-2102	2022-07-14 20:52:02 +02:00
Scott González	e77fbe5388	Checkboxradio: Properly find radio groups from the associated form Fixes #9973 Closes gh-1631	2015-10-29 11:19:13 -04:00
Alexander Schmitz	25d0c85718	Checkboxradio: Initial commit of new widget	2015-10-07 10:57:59 -04:00

Author

SHA1

Message

Date

Michał Gołębiowski-Owczarek

8cc5bae1ca

Checkboxradio: Don't re-evaluate text labels as HTML

If you generate a Checkboxradio from a checkbox/radio with a label that
contains encoded HTML, e.g. `&lt;em&gt;test&lt;/em&gt;` this will work fine
at first. If, however a refresh is triggered on that instance (explicitly or
e.g. by turning it into a `Controlgroup`), the previously escaped HTML will
now be evaluated.

If the label was created based on some user input, this could lead to
unexpected code execution even though the initial output was escaped.

Fixes gh-2101
Closes gh-2102

2022-07-14 20:52:02 +02:00

Scott González

e77fbe5388

Checkboxradio: Properly find radio groups from the associated form

Fixes #9973
Closes gh-1631

2015-10-29 11:19:13 -04:00

Alexander Schmitz

25d0c85718

Checkboxradio: Initial commit of new widget

2015-10-07 10:57:59 -04:00

3 Commits