osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SECURITY: XSS in search results term

Browse Source 
Thanks to Jerbi Nessim
This commit is contained in:
Sam 2015-10-07 10:52:24 +11:00
parent 04bd7d182f
commit 1fef49a094
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/discourse/controllers/full-page-search.js.es6
View File

@ -75,7 +75,7 @@ export default Ember.Controller.extend({
}
});
}
return q;
return Handlebars.Utils.escapeExpression(q);
},
_searchOnSortChange: true,