Fix embed

[rails.git] / app / assets / javascripts / leaflet.share.js

diff --git a/app/assets/javascripts/leaflet.share.js b/app/assets/javascripts/leaflet.share.js
index 4264e56161f1c921b94163f3d8cf5a629da67963..aef60d1cd9b735d942daf951689222cf68800764 100644 (file)
--- a/app/assets/javascripts/leaflet.share.js
+++ b/app/assets/javascripts/leaflet.share.js
@@ -290,9 +290,9 @@ L.OSM.share = function (options) {
 
       $('#embed_html').val(
         '<iframe width="425" height="350" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="' +
-          'http://' + OSM.SERVER_URL + '/export/embed.html?' + $.param(params) +
+          escapeHTML('http://' + OSM.SERVER_URL + '/export/embed.html?' + $.param(params)) +
           '" style="border: 1px solid black"></iframe><br/>' +
-          '<small><a href="' + map.getUrl(marker) + '</a></small>');
+          '<small><a href="' + escapeHTML(map.getUrl(marker)) + '</a></small>');
 
       // Image