From 2d698f0ba030aacf5d1a56ee9f6e6f0675c88389 Mon Sep 17 00:00:00 2001
From: Victor Costa
Date: Fri, 13 Dec 2013 17:26:34 -0300
Subject: [PATCH] Fix jquery xss issue
---
 public/javascripts/jquery-latest.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/public/javascripts/jquery-latest.js b/public/javascripts/jquery-latest.js
index 78fcfa4..5f38ee7 100644
--- a/public/javascripts/jquery-latest.js
+++ b/public/javascripts/jquery-latest.js
@@ -36,7 +36,8 @@ var jQuery = function( selector, context ) {
 // A simple way to check for HTML strings or ID strings
 // (both of which we optimize for)
- quickExpr = /^(?:[^<]*(<[\w\W]+>)[^>]*$|#([\w\-]+)$)/,
+ //fix xss: http://ma.la/jquery_xss/ http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/
+ quickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,
 // Check if a string has a non-whitespace character in it
 rnotwhite = /\S/,
-- 
libgit2 0.21.2
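Review bot: The new `quickExpr` only stops a string from being parsed as HTML when a `#` appears before the first `<` (the `[^#<]*` prefix), so a string with no `#` ahead of its markup still matches the first alternative and is still turned into DOM nodes. That covers the hash-as-selector case the linked posts describe, but any caller that passes untrusted text to `jQuery()` stays exposed. Those call sites need their own validation, or a lookup that never parses HTML such as `document.getElementById`. Since this is a hand edit to a vendored `jquery-latest.js`, presumably a backport of the 1.6.3 change given the linked release post, the comment should say so: `// LOCAL PATCH: quickExpr backported from jQuery 1.6.3 (selector XSS); drop when the bundled jQuery is upgraded`. Otherwise the file's version banner, which is outside this hunk, will presumably still report the old release to dependency scanners and later maintainers. The enclosing `var` declaration starts and ends outside the hunk.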