diff --git a/public/javascripts/application.js b/public/javascripts/application.js
index 770d5900c..42a2d73ce 100644
--- a/public/javascripts/application.js
+++ b/public/javascripts/application.js
@@ -1,6 +1,12 @@
/* Redmine - project management software
Copyright (C) 2006-2020 Jean-Philippe Lang */
+function sanitizeHTML(string) {
+ var temp = document.createElement('span');
+ temp.textContent = string;
+ return temp.innerHTML;
+}
+
function checkAll(id, checked) {
$('#'+id).find('input[type=checkbox]:enabled').prop('checked', checked);
}
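Review bot: The name `sanitizeHTML` overstates what the helper does: the `textContent`/`innerHTML` round-trip on lines L9-L11 escapes `&`, `<` and `>` so the string renders as literal text, but it does not escape `"` or `'`, so the result is only safe as element content, not inside an attribute value or a script/URL context. A header comment would keep the next caller from reusing it in the wrong context, e.g. `// Escapes a string for use as HTML text content (not for attribute values:` / `// quotes are left as-is). Relies on the browser serializing a text node.`. Since nothing here strips markup, a name such as `escapeHTML` would describe it more honestly, but that is a naming choice rather than a defect.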
@@ -1130,6 +1136,9 @@ function inlineAutoComplete(element) {
selectTemplate: function (issue) {
return '#' + issue.original.id;
},
+ menuItemTemplate: function (issue) {
+ return sanitizeHTML(issue.original.label);
+ },
noMatchTemplate: function () {
return '';
}
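Review bot: The new `menuItemTemplate` on L21-L23 gives no hint why the issue label needs escaping while `selectTemplate` on L18-L20 does not, and the same applies to the wiki-page template in the next hunk at L31-L33. A short comment on each would make the boundary explicit, e.g. `// label is user-controlled (issue subject) and the menu item is rendered as HTML; selectTemplate is inserted as plain text into the field`. If this is TributeJS, overriding the default item template presumably also drops its match highlighting of `item.string` — worth confirming in the browser, since that is a visible behaviour change the commit does not mention. `inlineAutoComplete` starts and ends outside the hunk.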
@@ -1147,6 +1156,9 @@ function inlineAutoComplete(element) {
selectTemplate: function (wikiPage) {
return '[[' + wikiPage.original.value + ']]';
},
+ menuItemTemplate: function (wikiPage) {
+ return sanitizeHTML(wikiPage.original.label);
+ },
noMatchTemplate: function () {
return '';
}
diff --git a/test/system/inline_autocomplete_test.rb b/test/system/inline_autocomplete_test.rb
index f3c7daef6..b2f943d05 100644
--- a/test/system/inline_autocomplete_test.rb
+++ b/test/system/inline_autocomplete_test.rb
@@ -151,4 +151,17 @@ class InlineAutocompleteSystemTest < ApplicationSystemTestCase
end
assert_equal '[[Page_with_sections]] ', find('#issue_description').value
end
+
+ def test_inline_autocomplete_for_issues_should_escape_html_elements
+ issue = Issue.generate!(subject: 'This issue has a