Change <input value="..."> encoding to HTML.escape

mastihios
2021-10-11 20:35:07 +00:00
committed by Samantaz Fox
parent 0ca333715b
commit cb0f7bf6b0
13 changed files with 17 additions and 17 deletions


@@ -72,7 +72,7 @@
<% end %>
<div class="pure-u-1-4">
<form action="/signout?referer=<%= env.get?("current_page") %>" method="post">
<input type="hidden" name="csrf_token" value="<%= URI.encode_www_form(env.get?("csrf_token").try &.as(String) || "") %>">
<input type="hidden" name="csrf_token" value="<%= HTML.escape(env.get?("csrf_token").try &.as(String) || "") %>">
<a class="pure-menu-heading" href="#">
<input style="all:unset" type="submit" value="<%= translate(locale, "Log out") %>">
</a>
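Review bot: The form's `action`, two lines above the changed input, still interpolates `env.get?("current_page")` into an attribute with no escaping visible in this hunk, and ECR's `<%= %>` does not HTML-escape on its own. If `current_page` is not already percent-encoded where it is set (not visible here), a `"` in the request path or query would close the attribute. Wrapping it the same way as the token, `<%= HTML.escape(env.get?("current_page").try &.as(String) || "") %>`, covers the attribute context, while URL-encoding of the `referer` value remains a separate requirement. The submit button's `value="<%= translate(locale, "Log out") %>"` is also an `<input value="...">` left unescaped, so a locale string containing a quote would break the markup. The surrounding form and template continue outside the hunk.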