jared cc509874e7 Fix incomplete HTML escaping in reply textarea (ticket.js) ...

Line 1575 used .replace(/</g, '&lt;').replace(/>/g, '&gt;') to set
the comment-raw edit textarea content, missing '&' → '&amp;'. Replaced
with lt.escHtml() which escapes all five special HTML characters (&, <,
>, ", ') consistently with the rest of the codebase.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-05 18:21:54 -04:00

..

advanced-search.js

Fix double-firing event handlers, non-bubbling keyboard status event, and saved filter status type

2026-04-05 10:40:16 -04:00

ascii-banner.js

Accessibility pass: ARIA roles, label associations, CSS class migrations

2026-03-20 20:29:58 -04:00

base.js

Fix bulk assign user search: replace broken combobox with typeahead

2026-04-05 12:35:32 -04:00

dashboard.js

Fix bulk assign user search: replace broken combobox with typeahead

2026-04-05 12:35:32 -04:00

keyboard-shortcuts.js

Fix double-firing event handlers, non-bubbling keyboard status event, and saved filter status type

2026-04-05 10:40:16 -04:00

markdown.js

Fix bracket buttons rendering below text + UI/security improvements

2026-03-19 22:20:43 -04:00

settings.js

Guard lt.* calls when base.js unavailable to prevent crash

2026-03-17 23:34:59 -04:00

ticket.js

Fix incomplete HTML escaping in reply textarea (ticket.js)

2026-04-05 18:21:54 -04:00

toast.js

Integrate web_template design system and fix security/quality issues

2026-03-17 23:22:24 -04:00

utils.js

Fix CSP-blocked chart scripts, undefined CSS classes, and double-firing click handlers

2026-04-04 23:00:35 -04:00