From 4e244a75bf6b352c94a21a131b1ecdcb74e6d3e3 Mon Sep 17 00:00:00 2001
From: Jan Lehnardt <jan@apache.org>
Date: Tue, 2 Nov 2010 22:16:54 +0000
Subject: Escape URL and cookie input.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.0.x@1030262 13f79535-47bb-0310-9956-ffa450edef68
---
 share/www/document.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'share/www/document.html')

diff --git a/share/www/document.html b/share/www/document.html
index b6f42018..ee0f3475 100644
--- a/share/www/document.html
+++ b/share/www/document.html
@@ -42,9 +42,9 @@ specific language governing permissions and limitations under the License.
       });
 
       $(function() {
-        $("h1 a.dbname").text(page.dbName)
+        $("h1 a.dbname").text(encodeURIComponent(page.dbName))
           .attr("href", "database.html?" + encodeURIComponent(page.db.name));
-        $("h1 strong").text(page.docId);
+        $("h1 strong").text(encodeURIComponent(page.docId));
         $("h1 a.raw").attr("href", "/" + encodeURIComponent(page.db.name) +
           "/" + encodeURIComponent(page.docId));
         page.updateFieldListing();
-- 
cgit v1.2.3