prevent absolutely useless 'exploit' (not really) while editing filters (closes #572)

author: Andrew Dolgov <[email protected]> 2013-03-17 14:55:55 +0400
committer: Andrew Dolgov <[email protected]> 2013-03-17 14:55:55 +0400
commit: f01c8ec4f1324ed8b68e912220735af96c86883c (patch)
tree: 22f516816d37d305c474242c796a55c449fba2af /js/functions.js
parent: 26e2b1843332bfc12426e68f1e259b95c9e997f0 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/js/functions.js b/js/functions.js
index 72f72ddaa..e00690c1c 100644
--- a/js/functions.js
+++ b/js/functions.js
@@ -964,6 +964,8 @@ function createNewRuleElement(parentNode, replaceNode) {
 	try {
 		var form = document.forms["filter_new_rule_form"];
 
+		form.reg_exp.value = form.reg_exp.value.replace(/(<([^>]+)>)/ig,"");
+
 		var query = "backend.php?op=pref-filters&method=printrulename&rule="+
 			param_escape(dojo.formToJson(form));
author	Andrew Dolgov <[email protected]>	2013-03-17 14:55:55 +0400
committer	Andrew Dolgov <[email protected]>	2013-03-17 14:55:55 +0400
commit	f01c8ec4f1324ed8b68e912220735af96c86883c (patch)
tree	22f516816d37d305c474242c796a55c449fba2af /js/functions.js
parent	26e2b1843332bfc12426e68f1e259b95c9e997f0 (diff)