Mercurial > pidgin

changeset 28010:cc70e2bc4de5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jabber: Escape status messages with a '<' or '>' in the Get Info dialog. Marcus pointed this out.
author Paul Aurich <paul@darkrain42.org>
date Wed, 19 Aug 2009 16:21:47 +0000
parents a8844bb7a60e
children bbb9e0ea67fe
files ChangeLog libpurple/protocols/jabber/buddy.c
diffstat 2 files changed, 4 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Wed Aug 19 08:28:29 2009 +0000
+++ b/ChangeLog	Wed Aug 19 16:21:47 2009 +0000
@@ -3,6 +3,7 @@
 version 2.6.2 (??/??/2009):
 	XMPP:
 	* Prompt the user before cancelling a presence subscription.
+	* Escape status messages that have HTML entities in the Get Info dialog.
 
 version 2.6.1 (08/18/2009):
 	* Fix a crash when some users send you a link in a Yahoo IM
--- a/libpurple/protocols/jabber/buddy.c	Wed Aug 19 08:28:29 2009 +0000
+++ b/libpurple/protocols/jabber/buddy.c	Wed Aug 19 16:21:47 2009 +0000
@@ -749,7 +749,9 @@
 		const char *status_name = jabber_buddy_state_get_name(jbr->state);
 
 		if (jbr->status) {
-			purdy = purple_strdup_withhtml(jbr->status);
+			tmp = purple_markup_escape_text(jbr->status, -1);
+			purdy = purple_strdup_withhtml(tmp);
+			g_free(tmp);
 
 			if (purple_strequal(status_name, purdy))
 				status_name = NULL;