From 2ef083c2ae0da2eef48416757d1a6fde9d79907d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?= <stephane.brunner@camptocamp.com>
Date: Tue, 17 Sep 2024 15:26:48 +0200
Subject: [PATCH] Fix DOM text reinterpreted as HTML

See:
https://github.com/camptocamp/ngeo/security/code-scanning/24
https://github.com/camptocamp/ngeo/security/code-scanning/25
https://github.com/camptocamp/ngeo/security/code-scanning/41
---
 src/import/importdatasourceComponent.js | 2 +-
 src/mobile/navigation/component.js      | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/import/importdatasourceComponent.js b/src/import/importdatasourceComponent.js
index 0bd55a6479dc..0ef1268fc9e3 100644
--- a/src/import/importdatasourceComponent.js
+++ b/src/import/importdatasourceComponent.js
@@ -254,7 +254,7 @@ export class Controller {
       if (this.file) {
         this.hasError = false;
         // update the label
-        $(fileInput).next('.custom-file-label').html(this.fileNameAndSize);
+        $(fileInput).next('.custom-file-label').text(this.fileNameAndSize);
       }
       this.scope_.$apply();
     });
diff --git a/src/mobile/navigation/component.js b/src/mobile/navigation/component.js
index 4b5a4579a194..b0b8c651a4ac 100644
--- a/src/mobile/navigation/component.js
+++ b/src/mobile/navigation/component.js
@@ -177,11 +177,12 @@ Controller.prototype.init = function (element) {
     if (!datatarget) {
       throw new Error('Missing datatarget');
     }
-    const slideIn = $(datatarget);
-    if (slideIn.length != 1) {
+    const slideInFound = $.find(datatarget);
+    if (slideInFound.length != 1) {
       throw new Error('Wrong slideIn');
     }
 
+    const slideIn = $(slideInFound);
     // slide the "new" element in
     slideIn.addClass(CLASS_NAMES.ACTIVE);