summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOmar Roth <omarroth@protonmail.com>2020-03-04 13:03:14 -0500
committerOmar Roth <omarroth@protonmail.com>2020-03-04 13:03:14 -0500
commit9dc4f8a1aa7ac183b2eadf73a5f0be35931e8ce3 (patch)
tree1b5d7155c0d0b41a356e8e78698b962df619f306
parent0d536d11e3d816802f4e6c569ef56d43140710aa (diff)
downloadinvidious-9dc4f8a1aa7ac183b2eadf73a5f0be35931e8ce3.tar.gz
invidious-9dc4f8a1aa7ac183b2eadf73a5f0be35931e8ce3.tar.bz2
invidious-9dc4f8a1aa7ac183b2eadf73a5f0be35931e8ce3.zip
Escape item titles in search page
Diffstat
-rw-r--r--src/invidious/views/components/item.ecr6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/invidious/views/components/item.ecr b/src/invidious/views/components/item.ecr
index f7b9cce6..9669aaeb 100644
--- a/src/invidious/views/components/item.ecr
+++ b/src/invidious/views/components/item.ecr
@@ -44,7 +44,7 @@
<% end %>
</div>
<% end %>
- <p><%= item.title %></p>
+ <p><%= HTML.escape(item.title) %></p>
</a>
<p>
<b>
@@ -76,7 +76,7 @@
<% end %>
</div>
<% end %>
- <p><a href="/watch?v=<%= item.id %>"><%= item.title %></a></p>
+ <p><a href="/watch?v=<%= item.id %>"><%= HTML.escape(item.title) %></a></p>
</a>
<p>
<b>
@@ -137,7 +137,7 @@
</div>
</a>
<% end %>
- <p><a href="/watch?v=<%= item.id %>"><%= item.title %></a></p>
+ <p><a href="/watch?v=<%= item.id %>"><%= HTML.escape(item.title) %></a></p>
<p>
<b>
<a style="width:100%" href="/channel/<%= item.ucid %>"><%= item.author %></a>
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-17 16:01:55 +0000