From 07efd39d8a1b82f61f5ed429cd713c04c5988788 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <schiessle@owncloud.com>
Date: Wed, 11 Jul 2012 15:44:39 +0200
Subject: [PATCH] prevent script execution during slideshow

---
 apps/gallery/js/slideshow.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/gallery/js/slideshow.js b/apps/gallery/js/slideshow.js
index 88e89f39ff0..cc5dfc44a26 100644
--- a/apps/gallery/js/slideshow.js
+++ b/apps/gallery/js/slideshow.js
@@ -15,7 +15,7 @@ $(document).ready(function(){
 
 		var images=[];
 		$('#gallerycontent div a').each(function(i,a){
-			images.push({image : a.href, title : a.title, thumb : a.children[0].src, url : 'javascript:$.endSlideshow()'});
+			images.push({image : a.href, title : a.title.replace(/</, '&lt;').replace(/>/, '&gt;'), thumb : a.children[0].src, url : 'javascript:$.endSlideshow()'});
 		});
 
 		if (images.length <= 0) {
-- 
GitLab