Merge branch 'settimeout-strings' into 'master'

Replace all setTimeout strings with functions This fixes a cross-site scripting vulnerability. See merge request !41
author: Andrew Dolgov <cthulhoo@gmail.com> 2017-01-22 09:47:20 +0300
committer: Andrew Dolgov <cthulhoo@gmail.com> 2017-01-22 09:47:20 +0300
commit: 7262c1726f1b900d2211d4cfb9054aefb93b991e (patch)
tree: 7e9f21a5e61e030352a81711776731d514707bd1 /js/functions.js
parent: 0047f2578f126cb6de2eed928e86ed7340c3854d (diff)
parent: 88946d331aad96ecbdf9d570853121e5a7eb07ab (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/js/functions.js b/js/functions.js
index 384382554..63ff4121b 100755
--- a/js/functions.js
+++ b/js/functions.js
@@ -668,7 +668,7 @@ function hotkey_prefix_timeout() {
 			Element.hide('cmdline');
 		}
 
-		setTimeout("hotkey_prefix_timeout()", 1000);
+		setTimeout(hotkey_prefix_timeout, 1000);
 
 	} catch  (e) {
 		exception_error("hotkey_prefix_timeout", e);
@@ -1325,7 +1325,7 @@ function unsubscribeFeed(feed_id, title) {
 						updateFeedList();
 					} else {
 						if (feed_id == getActiveFeedId())
-							setTimeout("viewfeed({feed:-5})", 100);
+							setTimeout(function() { viewfeed({feed:-5}) }, 100);
 
 						if (feed_id < 0) updateFeedList();
 					}
author	Andrew Dolgov <cthulhoo@gmail.com>	2017-01-22 09:47:20 +0300
committer	Andrew Dolgov <cthulhoo@gmail.com>	2017-01-22 09:47:20 +0300
commit	7262c1726f1b900d2211d4cfb9054aefb93b991e (patch)
tree	7e9f21a5e61e030352a81711776731d514707bd1 /js/functions.js
parent	0047f2578f126cb6de2eed928e86ed7340c3854d (diff)
parent	88946d331aad96ecbdf9d570853121e5a7eb07ab (diff)