From 334475a50bcc97a8c326aadff0dcbb61fad40a4f Mon Sep 17 00:00:00 2001
From: Till Krüss <me@tillkruess.com>
Date: Mon, 10 Feb 2014 11:02:06 -0500
Subject: [PATCH] prevent unwanted code execution via CURLOPT_POSTFIELDS

---
 program/js/tiny_mce/plugins/autolink/editor_plugin_src.js |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/program/js/tiny_mce/plugins/autolink/editor_plugin_src.js b/program/js/tiny_mce/plugins/autolink/editor_plugin_src.js
index 8c1cd68..c05fbbc 100644
--- a/program/js/tiny_mce/plugins/autolink/editor_plugin_src.js
+++ b/program/js/tiny_mce/plugins/autolink/editor_plugin_src.js
@@ -89,8 +89,11 @@
 					while (endContainer.nodeType != 3 && endContainer.firstChild)
 						endContainer = endContainer.firstChild;
 
-					r.setStart(endContainer, 0);
-					r.setEnd(endContainer, endContainer.nodeValue.length);
+					// Move range to text node
+					if (endContainer.nodeType == 3) {
+						r.setStart(endContainer, 0);
+						r.setEnd(endContainer, endContainer.nodeValue.length);
+					}
 				}
 
 				if (r.endOffset == 1)

--
Gitblit v1.9.1