diff options
| author | Joey Hess <joey@kitenet.net> | 2011-09-27 10:45:21 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2011-09-27 11:05:34 -0400 |
| commit | 6321a75e0ce6591d4071fc022ce418be9698e941 (patch) | |
| tree | 68d8ebda13fc1e8fc9753ec66fe0abb2b67d7aad /templates | |
| parent | 027455f155860907a3c7822e5f14b6f030e54d2b (diff) | |
| download | ikiwiki-6321a75e0ce6591d4071fc022ce418be9698e941.tar ikiwiki-6321a75e0ce6591d4071fc022ce418be9698e941.tar.gz | |
track escaping change in upstream template
This is not belived to be XSS exploitable due to other checks in ikiwiki.
Thanks Olly Betts for review.
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/searchquery.tmpl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/searchquery.tmpl b/templates/searchquery.tmpl index 5b9fbbf7f..15bc78e28 100644 --- a/templates/searchquery.tmpl +++ b/templates/searchquery.tmpl @@ -70,7 +70,7 @@ $if{$field{language},Language: <b>$html{$field{language}}</b><br>} $if{$field{size},<span title="$html{$field{size}} bytes">Size: <b>$html{$filesize{$field{size}}}</b></span><br>} </div> </td> -<td><B><A HREF="$field{url}">$html{$or{$field{caption},$field{title},$field{url},Untitled}}</A></B><BR> +<td><B><A HREF="$html{$field{url}}">$html{$or{$field{caption},$field{title},$field{url},Untitled}}</A></B><BR> <small>$highlight{$field{sample},$terms}$if{$field{sample},...}</small><br> <small> $percentage% relevant$. matching: |