blallo/tt-rss
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Escape quotes in bookmarklet confirm message

Browse source
This commit is contained in:
Alexandre Gravel-Raymond 2012-05-19 20:26:09 +02:00
parent 1bd11fdf95
commit b1e592d37f
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
classes/pref_feeds.php
View file

@ -1501,7 +1501,7 @@ class Pref_Feeds extends Protected_Handler {
$bm_subscribe_url = str_replace('%s', '', add_feed_url());
$confirm_str = __('Subscribe to %s in Tiny Tiny RSS?');
$confirm_str = str_replace("'", "\'", __('Subscribe to %s in Tiny Tiny RSS?'));
$bm_url = htmlspecialchars("javascript:{if(confirm('$confirm_str'.replace('%s',window.location.href)))window.location.href='$bm_subscribe_url'+window.location.href}");