summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/views/player/audio.ecr2
-rw-r--r--src/views/player/video.ecr2
2 files changed, 2 insertions, 2 deletions
diff --git a/src/views/player/audio.ecr b/src/views/player/audio.ecr
index 1122d8d0..35273a61 100644
--- a/src/views/player/audio.ecr
+++ b/src/views/player/audio.ecr
@@ -1,4 +1,4 @@
-<audio poster="<%= thumbnail %>" title="<%= video.title%>" id="player" class="video-js" data-setup="{}" style="width:100%;" controls>
+<audio poster="<%= thumbnail %>" title="<%= HTML.escape(video.title) %>" id="player" class="video-js" data-setup="{}" style="width:100%;" controls>
<% adaptive_fmts.each do |fmt| %>
<% if fmt["type"].starts_with?("audio") %>
<source src="<%= fmt["url"] %>" type='<%= fmt["type"] %>'>
diff --git a/src/views/player/video.ecr b/src/views/player/video.ecr
index 8e17711f..90abe438 100644
--- a/src/views/player/video.ecr
+++ b/src/views/player/video.ecr
@@ -1,4 +1,4 @@
-<video poster="<%= thumbnail %>" title="<%= video.title%>" id="player" class="video-js" data-setup="{}" style="width:100%;" controls>
+<video poster="<%= thumbnail %>" title="<%= HTML.escape(video.title) %>" id="player" class="video-js" data-setup="{}" style="width:100%;" controls>
<% fmt_stream.each do |fmt| %>
<source src="<%= fmt["url"]? %>" type='<%= fmt["type"]? %>'>
<% end %>
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-19 19:36:45 +0000