https://issues.apache.org/jira/browse/AMQ-4471 - Fixing bug where stomp ws example allows remote JS execution.

This commit is contained in:
Hiram Chirino 2013-10-30 13:19:26 -04:00
parent aaa1a74dfb
commit 22dc6d444a
1 changed files with 4 additions and 2 deletions

View File

@ -101,7 +101,7 @@
// this allows to display debug logs directly on the web page // this allows to display debug logs directly on the web page
client.debug = function(str) { client.debug = function(str) {
$("#debug").append(str + "\n"); $("#debug").append(document.createTextNode(str + "\n"));
}; };
// the client is notified when it is connected to the server. // the client is notified when it is connected to the server.
@ -110,7 +110,9 @@
$('#connect').fadeOut({ duration: 'fast' }); $('#connect').fadeOut({ duration: 'fast' });
$('#connected').fadeIn(); $('#connected').fadeIn();
client.subscribe(destination, function(message) { client.subscribe(destination, function(message) {
$("#messages").append("<p>" + message.body + "</p>\n"); var p = document.createElement("p");
p.appendChild(document.createTextNode(message.body));
$("#messages").append(p);
}); });
}); });
return false; return false;