diff options
| author | Ondrej Zara <ondrej.zara@firma.seznam.cz> | 2015-08-04 16:36:30 +0200 |
|---|---|---|
| committer | Ondrej Zara <ondrej.zara@firma.seznam.cz> | 2015-08-04 16:36:30 +0200 |
| commit | 921ccb4b2139f6239da2ad76f07217775c281ea8 (patch) | |
| tree | e1e42f5ef32d31429578dbbc343a7a59073f2256 /js/table.js | |
| parent | a8f650f5c14a5d3a194ce470a49c6c483c91e9a9 (diff) | |
| download | wwwsqldesigner-921ccb4b2139f6239da2ad76f07217775c281ea8.zip wwwsqldesigner-921ccb4b2139f6239da2ad76f07217775c281ea8.tar.gz wwwsqldesigner-921ccb4b2139f6239da2ad76f07217775c281ea8.tar.bz2 | |
xml escaping, fixes #207
Diffstat (limited to 'js/table.js')
| -rw-r--r-- | js/table.js | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/js/table.js b/js/table.js index b72ce11..1b20f20 100644 --- a/js/table.js +++ b/js/table.js @@ -245,8 +245,7 @@ SQL.Table.prototype.toXML = function() { } var c = this.getComment(); if (c) { - c = c.replace(/&/g, "&").replace(/>/g, ">").replace(/</g, "<"); - xml += "<comment>"+c+"</comment>\n"; + xml += "<comment>"+SQL.escape(c)+"</comment>\n"; } xml += "</table>\n"; return xml; |