Escape URL and cookie input.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@1030261 13f79535-47bb-0310-9956-ffa450edef68
author: Jan Lehnardt <jan@apache.org> 2010-11-02 22:16:18 +0000
committer: Jan Lehnardt <jan@apache.org> 2010-11-02 22:16:18 +0000
commit: 871e2617e32fb305b9a4e16e560e270a7ef84ffc (patch)
tree: 8c233b348045a46484c7405590900d1afdfb5a6c /share/www/script/futon.format.js
parent: b49ac86e9ac820ff327d132e418f0df5e0f772c8 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/share/www/script/futon.format.js b/share/www/script/futon.format.js
index 0d536e36..31880764 100644
--- a/share/www/script/futon.format.js
+++ b/share/www/script/futon.format.js
@@ -16,7 +16,10 @@
     escape: function(string) {
       return string.replace(/&/g, "&amp;")
                    .replace(/</g, "&lt;")
-                   .replace(/>/g, "&gt;");
+                   .replace(/>/g, "&gt;")
+                   .replace(/"/, "&quot;")
+                   .replace(/'/, "&#39;;")
+                   ;
     },
 
     // JSON pretty printing
author	Jan Lehnardt <jan@apache.org>	2010-11-02 22:16:18 +0000
committer	Jan Lehnardt <jan@apache.org>	2010-11-02 22:16:18 +0000
commit	871e2617e32fb305b9a4e16e560e270a7ef84ffc (patch)
tree	8c233b348045a46484c7405590900d1afdfb5a6c /share/www/script/futon.format.js
parent	b49ac86e9ac820ff327d132e418f0df5e0f772c8 (diff)