diff options
| author | Jordan <me@jordan.im> | 2020-04-05 21:08:55 -0700 |
|---|---|---|
| committer | Jordan <me@jordan.im> | 2020-04-05 21:08:55 -0700 |
| commit | 65c0e04bb3bb1fd715be12f44f44ad05373754c0 (patch) | |
| tree | 71ed443886fc2c5dba16cf3448ff3ee3b8c39587 /templates | |
| parent | 7da67c278b703baf8b0c960a3085a2a5b7c0e83b (diff) | |
| download | roka-65c0e04bb3bb1fd715be12f44f44ad05373754c0.tar.gz roka-65c0e04bb3bb1fd715be12f44f44ad05373754c0.zip | |
ensure HTML-safety of attributes; only-whitespace values treated as unpopulated
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/index.html | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/templates/index.html b/templates/index.html index 7bee424..9bf35db 100644 --- a/templates/index.html +++ b/templates/index.html @@ -33,8 +33,8 @@ </tr> {% for b, v in books.items() %} <tr> - <td><a href="?a={{ b }}">{{ v['title'] }}</a></td> - <td>{{ v['path'] }}</td> + <td><a href="?a={{ b }}">{{ v['title']|escape }}</a></td> + <td>{{ v['path']|escape }}</td> <td>{{ v['files']|length }}</td> <td>{{ v['duration_str'] }}</td> <td>{{ v['size_str'] }}</td> |