From 182e5c02a1f4691da1f09d740e1610c31c0de2b6 Mon Sep 17 00:00:00 2001
From: matthew <properties@users.noreply.github.com>
Date: Mon, 26 Sep 2016 21:37:45 +0200
Subject: [PATCH] Update upgrade.js

Fixing XSS problem
---
 src/js/upgrade.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/js/upgrade.js b/src/js/upgrade.js
index 1986965..a465265 100644
--- a/src/js/upgrade.js
+++ b/src/js/upgrade.js
@@ -74,7 +74,7 @@
 					localStorage.setItem(headerKey + headerId, JSON.stringify({
 						id: headerId,
 						header: header.header || "",
-						value: header.value || "",
+						value: escape(header.value) || "",
 						// Only set as inactive if explicitly false
 						active: (header.active === false) ? false : true
 					}));