Sanitize text input to $.fn.badge
authorOri Livneh <ori@wikimedia.org>
Fri, 9 Nov 2012 17:15:23 +0000 (09:15 -0800)
committerOri Livneh <ori@wikimedia.org>
Fri, 9 Nov 2012 17:15:23 +0000 (09:15 -0800)
Closes a potential XSS vector, as pointed out by Krinkle in
32091.

Change-Id: Iea702fb8736799dc7f8238e4cb357da22304c1dd

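index 9829747..17b6b33 100644
--- a/resources/jquery/jquery.badge.js
+++ b/resources/jquery/jquery.badge.js
                                $badge.find( '.mw-badge-content' ).text( text );
                        } else {
                                // Otherwise, create a new badge with the specified text and style
-                               div = document.createElement( 'div' );
-                               div.className = 'mw-badge mw-badge-' + ( inline ? 'inline' : 'overlay' );
-                               div.innerHTML = '<span class="mw-badge-content">' + text + '</span>';
-                               $( div ).appendTo( this );
+                               $badge = $( '<div class="mw-badge mw-badge-' + ( inline ? 'inline' : 'overlay' ) + '"></div>' )
+                                       .append( $( '<span class="mw-badge-content"></span>' ).text ( text ) )
+                                       .appendTo( this );
                        }
                } else {
                        $badge.remove();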
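Review bot: The new `$badge` construction on the first added line still assembles the `<div>` from a concatenated HTML string; the only interpolated value is the `inline ? 'inline' : 'overlay'` ternary, so no caller-supplied text reaches the markup, but that safety now rests on the ternary staying a pair of fixed literals. Building the element as `$( '<div></div>' ).addClass( 'mw-badge mw-badge-' + ( inline ? 'inline' : 'overlay' ) )` would make the rule "only `.text()` carries input" visible to the next editor rather than implicit. The `.text ( text )` call on the second added line has a space before its argument list, unlike the surrounding `.append( ... )` and `.appendTo( this )`; `.text( text )` matches the file's style. The removed branch assigned `div`, which no added line references, so if `div` is still declared at the top of the function (outside this hunk) that declaration is presumably dead now. The enclosing function starts and ends outside the hunk.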