diff --git a/apps/common/main/lib/controller/ReviewChanges.js b/apps/common/main/lib/controller/ReviewChanges.js index 2efcf0de6..d0a9b4c2c 100644 --- a/apps/common/main/lib/controller/ReviewChanges.js +++ b/apps/common/main/lib/controller/ReviewChanges.js @@ -201,7 +201,7 @@ define([ if (typeof value == 'object') { _.each(value, function(obj) { if (typeof obj === 'string') - changetext += (' ' + obj); + changetext += (' ' + Common.Utils.String.htmlEncode(obj)); else { switch (obj) { case 0: @@ -220,7 +220,7 @@ define([ } }) } else if (typeof value === 'string') { - changetext += (' ' + value); + changetext += (' ' + Common.Utils.String.htmlEncode(value)); } break; case Asc.c_oAscRevisionsChangeType.TextRem: @@ -228,7 +228,7 @@ define([ if (typeof value == 'object') { _.each(value, function(obj) { if (typeof obj === 'string') - changetext += (' ' + obj); + changetext += (' ' + Common.Utils.String.htmlEncode(obj)); else { switch (obj) { case 0: @@ -247,7 +247,7 @@ define([ } }) } else if (typeof value === 'string') { - changetext += (' ' + value); + changetext += (' ' + Common.Utils.String.htmlEncode(value)); } break; case Asc.c_oAscRevisionsChangeType.ParaAdd: