Merge pull request #9475 from camptocamp/codeql-fix

Fix DOM text reinterpreted as HTML
camptocamp · Sep 18, 2024 · fa9bc6f · fa9bc6f
2 parents 42a9f95 + 2ef083c
commit fa9bc6f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/src/import/importdatasourceComponent.js b/src/import/importdatasourceComponent.js
@@ -254,7 +254,7 @@ export class Controller {
       if (this.file) {
         this.hasError = false;
         // update the label
-        $(fileInput).next('.custom-file-label').html(this.fileNameAndSize);
+        $(fileInput).next('.custom-file-label').text(this.fileNameAndSize);
       }
       this.scope_.$apply();
     });

diff --git a/src/mobile/navigation/component.js b/src/mobile/navigation/component.js
@@ -177,11 +177,12 @@ Controller.prototype.init = function (element) {
     if (!datatarget) {
       throw new Error('Missing datatarget');
     }
-    const slideIn = $(datatarget);
-    if (slideIn.length != 1) {
+    const slideInFound = $.find(datatarget);
+    if (slideInFound.length != 1) {
       throw new Error('Wrong slideIn');
     }
 
+    const slideIn = $(slideInFound);
     // slide the "new" element in
     slideIn.addClass(CLASS_NAMES.ACTIVE);