Fix potential XSS in search

JonnyWong16 2018-05-02 10:26:05 -07:00
commit 4fb4410552
3 changed files with 7 additions and 5 deletions


@ -28,15 +28,17 @@
<%def name="javascriptIncludes()">
<script>
var query_string = "${query.replace('"','\\"').replace('/','\\/') | n}";
$('#search_button').removeClass('btn-inactive');
$('#query').val("${query.replace('"','\\"') | n}").css({ right: '0', width: '250px' }).addClass('active');
$('#query').val(query_string).css({ right: '0', width: '250px' }).addClass('active');
$.ajax({
url: 'get_search_results_children',
type: "GET",
type: "POST",
async: true,
data: {
query: "${query.replace('"','\\"') | n}",
query: query_string,
limit: 30
},
complete: function (xhr, status) {