diff options
| -rw-r--r-- | webkit/port/page/inspector/inspector.js | 5 | ||||
| -rw-r--r-- | webkit/port/page/inspector/utilities.js | 12 |
2 files changed, 9 insertions, 8 deletions
diff --git a/webkit/port/page/inspector/inspector.js b/webkit/port/page/inspector/inspector.js index a1e1805a..dfd9d07 100644 --- a/webkit/port/page/inspector/inspector.js +++ b/webkit/port/page/inspector/inspector.js @@ -809,11 +809,12 @@ WebInspector.showResourceForURL = function(url, line) WebInspector.linkifyURL = function(url, linkText, classes, isExternal) { + url = url.escapeHTML(); if (linkText === undefined) - linkText = url.escapeHTML(); + linkText = url; classes = (classes === undefined) ? "" : classes + " "; classes += isExternal ? "webkit-html-external-link" : "webkit-html-resource-link"; - var link = "<a href=\"" + url + "\" class=\"" + classes + "\" title=\"" + url + "\" target=\"_blank\">" + linkText + "</a>"; + var link = "<a href=\"" + url + "\" class=\"" + classes.escapeHTML() + "\" title=\"" + url + "\" target=\"_blank\">" + linkText + "</a>"; return link; } diff --git a/webkit/port/page/inspector/utilities.js b/webkit/port/page/inspector/utilities.js index 5d295d4..9dcf71c 100644 --- a/webkit/port/page/inspector/utilities.js +++ b/webkit/port/page/inspector/utilities.js @@ -246,7 +246,7 @@ String.prototype.escapeForRegExp = function() String.prototype.escapeHTML = function() { - return this.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">"); + return this.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/\"/g, """).replace(/\'/g, "'"); } String.prototype.collapseWhitespace = function() @@ -674,15 +674,15 @@ function nodeTitleInfo(hasChildren, linkify) break; case Node.DOCUMENT_TYPE_NODE: - info.title = "<span class=\"webkit-html-doctype\"><!DOCTYPE " + this.nodeName; + info.title = "<span class=\"webkit-html-doctype\"><!DOCTYPE " + this.nodeName.escapeHTML(); if (this.publicId) { - info.title += " PUBLIC \"" + this.publicId + "\""; + info.title += " PUBLIC \"" + this.publicId.escapeHTML() + "\""; if (this.systemId) - info.title += " \"" + this.systemId + "\""; + info.title += " \"" + this.systemId.escapeHTML() + "\""; } else if (this.systemId) - info.title += " SYSTEM \"" + this.systemId + "\""; + info.title += " SYSTEM \"" + this.systemId.escapeHTML() + "\""; if (this.internalSubset) - info.title += " [" + this.internalSubset + "]"; + info.title += " [" + this.internalSubset.escapeHTML() + "]"; info.title += "></span>"; break; default: |