Fixed allowing for execution of arbitrary Javascript in student response.

ORA-256
2014-01-21 18:51:25 +05:00
parent a077dc815c
commit d12e7e8877
1 changed files with 1 additions and 0 deletions
--- a/common/lib/xmodule/xmodule/js/src/combinedopenended/display.coffee
+++ b/common/lib/xmodule/xmodule/js/src/combinedopenended/display.coffee
@@ -368,6 +368,7 @@ class @CombinedOpenEnded
      @rub.initialize(@location)
      @child_state = 'assessing'
      @find_assessment_elements()
+      @answer_area.val(response.student_response)
      @rebind()
      answer_area_div = @$(@answer_area_div_sel)
      answer_area_div.html(response.student_response)