Bugfix: DOM text reinterpreted as HTM

arpitjain099 · web-flow · commit 72420ff6f946 · 2025-05-06T23:29:56.000+09:00
diff --git a/PluginsAndFeatures/azure-toolkit-for-intellij/azure-intellij-plugin-hdinsight/hdinsight_jobview_html/com.microsoft.hdinsight/hdinsight/job/html/js/tipsy.js b/PluginsAndFeatures/azure-toolkit-for-intellij/azure-intellij-plugin-hdinsight/hdinsight_jobview_html/com.microsoft.hdinsight/hdinsight/job/html/js/tipsy.js
@@ -4,7 +4,19 @@
 // released under the MIT license
 
 (function($) {
-
+    function escapeHtml(text) {
+        return text.replace(/[&<>"']/g, function(match) {
+            const escapeMap = {
+                '&': '&amp;',
+                '<': '&lt;',
+                '>': '&gt;',
+                '"': '&quot;',
+                "'": '&#39;'
+            };
+            return escapeMap[match];
+        });
+    }
+    
     function maybeCall(thing, ctx) {
         return (typeof thing == 'function') ? (thing.call(ctx)) : thing;
     }
@@ -115,7 +127,7 @@
             }
             if (typeof $e.context.nearestViewportElement == 'object'){
                 if ($e.children('title').length){
-                    $e.append('<original-title>' + ($e.children('title').text() || '') + '</original-title>')
+                    $e.append('<original-title>' + escapeHtml($e.children('title').text() || '') + '</original-title>')
                         .children('title').remove();
                 }
             }
@@ -285,4 +297,4 @@
             return dir.ns + (dir.ew ? dir.ew : '');
         };
     };
-})(jQuery);
+})(jQuery);
