From f5fa732bd3cacd729f6792ca5f6feee81c40e759 Mon Sep 17 00:00:00 2001
From: Matthias BUSSONNIER <bussonniermatthias@gmail.com>
Date: Thu, 23 Jan 2014 13:29:11 +0100
Subject: [PATCH] avoid injection in input prompt

---
 IPython/html/static/notebook/js/codecell.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/IPython/html/static/notebook/js/codecell.js b/IPython/html/static/notebook/js/codecell.js
index c21a13618..6e3aeffe3 100644
--- a/IPython/html/static/notebook/js/codecell.js
+++ b/IPython/html/static/notebook/js/codecell.js
@@ -409,7 +409,12 @@ var IPython = (function (IPython) {
 
 
     CodeCell.input_prompt_classical = function (prompt_value, lines_number) {
-        var ns = prompt_value || "&nbsp;";
+        var ns;
+        if (prompt_value == undefined) {
+            ns = "&nbsp;";
+        } else {
+            ns = encodeURIComponent(prompt_value);
+        }
         return 'In&nbsp;[' + ns + ']:';
     };