From 7bfe0613827aa7cee93a77ccbedab9b07ea9ca78 Mon Sep 17 00:00:00 2001
From: Olivier Goffart <olivier@woboq.com>
Date: Thu, 23 Feb 2017 14:54:17 +0100
Subject: Verify that all strings are properly escaped (#5558)

- I checked every occurence of a '%2' and make correct use of the
QString::arg overload that takes several argument instead of chaining
them, because the first argument can contains a '%1'

 - I tried to look for every label that they either use plain text or richtext
and escape the user provided strings in there.
---
 src/gui/sharelinkwidget.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/gui/sharelinkwidget.cpp')

diff --git a/src/gui/sharelinkwidget.cpp b/src/gui/sharelinkwidget.cpp
index 116cea703..456c02be7 100644
--- a/src/gui/sharelinkwidget.cpp
+++ b/src/gui/sharelinkwidget.cpp
@@ -321,7 +321,7 @@ void ShareLinkWidget::redrawElidedUrl()
         const QUrl realUrl(_shareUrl);
         QString elidedUrl = fm.elidedText(_shareUrl, Qt::ElideRight, linkLengthPixel);
 
-        u = QString("<a href=\"%1\">%2</a>").arg(realUrl.toString(QUrl::None)).arg(elidedUrl);
+        u = QString("<a href=\"%1\">%2</a>").arg(Utility::escape(realUrl.toString(QUrl::None)), Utility::escape(elidedUrl));
     }
     _ui->_labelShareLink->setText(u);
 }
-- 
cgit v1.2.3