diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/assets/javascript/plupload.js | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/phpBB/assets/javascript/plupload.js b/phpBB/assets/javascript/plupload.js index 91a9806955..3c2fc5c3cb 100644 --- a/phpBB/assets/javascript/plupload.js +++ b/phpBB/assets/javascript/plupload.js @@ -162,7 +162,7 @@ phpbb.plupload.insertRow = function(file) { var row = $(phpbb.plupload.rowTpl); row.attr('id', file.id); - row.find('.file-name').html(file.name); + row.find('.file-name').html(plupload.xmlEncode(file.name)); row.find('.file-size').html(plupload.formatSize(file.size)); if (phpbb.plupload.order == 'desc') { @@ -499,6 +499,8 @@ $('#file-list').on('click', '.file-error', function(e) { * Fires when an error occurs. */ uploader.bind('Error', function(up, error) { + error.file.name = plupload.xmlEncode(error.file.name); + // The error message that Plupload provides for these is vague, so we'll be more specific. if (error.code === plupload.FILE_EXTENSION_ERROR) { error.message = plupload.translate('Invalid file extension:') + ' ' + error.file.name; |