From 5f4bd66d362f6e7d0f57be77ca937f8935ec7fa9 Mon Sep 17 00:00:00 2001
From: Dieter De Paepe <dieter.depaepe@gmail.com>
Date: Tue, 29 Nov 2016 10:55:57 +0100
Subject: [PATCH] Properly escape html in error or warning.

---
 public/index.html | 4 ++--
 public/js/app.js  | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/public/index.html b/public/index.html
index c9120c9..e0c0822 100644
--- a/public/index.html
+++ b/public/index.html
@@ -14,8 +14,8 @@
       <textarea class="area" id="ta_turtle"></textarea>
       <input type="button" id="btn_validate" value="Validate!"/>
     </form>
-    <p id="errors"></p>
-    <p id="warnings"></p>
+    <ul id="errors"></ul>
+    <ul id="warnings"></ul>
     <p id="results"></p>
     <script src="js/app.js"></script>
   </body>
diff --git a/public/js/app.js b/public/js/app.js
index ff74e87..2306187 100644
--- a/public/js/app.js
+++ b/public/js/app.js
@@ -5,15 +5,15 @@ $("#btn_validate").click( function () {
   
   validate($("#ta_turtle").val(), function (feedback) {
     $.each(feedback.warnings, function (index, warning) {
-      $("#warnings").append('<p id="warning' + index + '">' + warning + '<br/>');
+      $("#warnings").append($('<li id="warning' + index + '">').text(warning));
     });
     
     $.each(feedback.errors, function (index, error) {
-      $("#errors").append('<p id="error' + index + '">' + error + '<br/>');
+      $("#errors").append($('<li id="error' + index + '">').text(error));
     });
 
     if (feedback.errors.length === 0 && feedback.warnings.length === 0) {
-      $("#results").append("Congrats! We've validated your output and it contains 0 errors or warnings.");
+      $("#results").append("Congrats! Your syntax is correct.");
     }
   });
 });