Fix XSS on tasks page

nt0xa · nt0xa · commit 0f2eab324f65 · 2016-12-13T12:09:55.000+03:00
diff --git a/flower/static/js/flower.js b/flower/static/js/flower.js
@@ -800,7 +800,20 @@ var flower = (function () {
             }, {
                 targets: 4,
                 data: 'kwargs',
-                visible: isColumnVisible('kwargs')
+                visible: isColumnVisible('kwargs'),
+                render: function (data) {
+                   var entityMap = {
+                      '&': '&amp;',
+                      '<': '&lt;',
+                      '>': '&gt;',
+                      '"': '&quot;',
+                      '\'': '&#39;',
+                      '/': '&#x2F;'
+                  };
+                  return data.replace(/[&<>"'\/]/g, function (s) {
+                      return entityMap[s];
+                  });
+                }
             }, {
                 targets: 5,
                 data: 'result',
