FIX: Escape name on activity feed
This commit is contained in:
Robin Ward
parent
10d0320532
commit
faa341148e
|
|
@ -75,13 +75,15 @@ Discourse.User = Discourse.Model.extend({
|
||||||
}.property('profile_background'),
|
}.property('profile_background'),
|
||||||
|
|
||||||
statusIcon: function() {
|
statusIcon: function() {
|
||||||
var desc;
|
var name = Handlebars.Utils.escapeExpression(this.get('name')),
|
||||||
|
desc;
|
||||||
|
|
||||||
if(this.get('admin')) {
|
if(this.get('admin')) {
|
||||||
desc = I18n.t('user.admin', {user: this.get("name")});
|
desc = I18n.t('user.admin', {user: name});
|
||||||
return '<i class="fa fa-trophy" title="' + desc + '" alt="' + desc + '"></i>';
|
return '<i class="fa fa-trophy" title="' + desc + '" alt="' + desc + '"></i>';
|
||||||
}
|
}
|
||||||
if(this.get('moderator')){
|
if(this.get('moderator')){
|
||||||
desc = I18n.t('user.moderator', {user: this.get("name")});
|
desc = I18n.t('user.moderator', {user: name});
|
||||||
return '<i class="fa fa-magic" title="' + desc + '" alt="' + desc + '"></i>';
|
return '<i class="fa fa-magic" title="' + desc + '" alt="' + desc + '"></i>';
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
|
|
|
||||||
|
|
@ -20,9 +20,10 @@ var UserActionTypes = {
|
||||||
edits: 11,
|
edits: 11,
|
||||||
messages_sent: 12,
|
messages_sent: 12,
|
||||||
messages_received: 13
|
messages_received: 13
|
||||||
};
|
},
|
||||||
|
esc = Handlebars.Utils.escapeExpression,
|
||||||
|
InvertedActionTypes = {};
|
||||||
|
|
||||||
var InvertedActionTypes = {};
|
|
||||||
_.each(UserActionTypes, function (k, v) {
|
_.each(UserActionTypes, function (k, v) {
|
||||||
InvertedActionTypes[k] = v;
|
InvertedActionTypes[k] = v;
|
||||||
});
|
});
|
||||||
|
|
@ -81,11 +82,11 @@ Discourse.UserAction = Discourse.Model.extend({
|
||||||
replyUrl: this.get('replyUrl'),
|
replyUrl: this.get('replyUrl'),
|
||||||
postUrl: this.get('postUrl'),
|
postUrl: this.get('postUrl'),
|
||||||
topicUrl: this.get('replyUrl'),
|
topicUrl: this.get('replyUrl'),
|
||||||
user: this.get('presentName'),
|
user: esc(this.get('presentName')),
|
||||||
post_number: '#' + this.get('reply_to_post_number'),
|
post_number: '#' + this.get('reply_to_post_number'),
|
||||||
user1Url: this.get('userUrl'),
|
user1Url: this.get('userUrl'),
|
||||||
user2Url: this.get('targetUserUrl'),
|
user2Url: this.get('targetUserUrl'),
|
||||||
another_user: this.get('targetDisplayName')
|
another_user: esc(this.get('targetDisplayName'))
|
||||||
}));
|
}));
|
||||||
|
|
||||||
}.property('descriptionKey'),
|
}.property('descriptionKey'),
|
||||||
|
|
|
||||||
|
|
@ -14,13 +14,13 @@ Discourse.UserStreamView = Discourse.View.extend(Discourse.LoadMore, {
|
||||||
|
|
||||||
actions: {
|
actions: {
|
||||||
loadMore: function() {
|
loadMore: function() {
|
||||||
var userStreamView = this;
|
var self = this;
|
||||||
if (userStreamView.get('loading')) { return; }
|
if (this.get('loading')) { return; }
|
||||||
|
|
||||||
var stream = this.get('controller.model');
|
var stream = this.get('controller.model');
|
||||||
stream.findItems().then(function() {
|
stream.findItems().then(function() {
|
||||||
userStreamView.set('loading', false);
|
self.set('loading', false);
|
||||||
userStreamView.get('eyeline').flushRest();
|
self.get('eyeline').flushRest();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue