Skip to content
Permalink
Browse files

Escape quotes in websearch filter

  • Loading branch information...
lovett committed Aug 13, 2019
1 parent b705498 commit e09da5d435ed096ce1dc4c5e81111393e4f7a4d6
Showing with 2 additions and 1 deletion.
  1. +2 −1 plugins/jinja.py
@@ -3,6 +3,7 @@
Based on sample code from https://bitbucket.org/Lawouach/cherrypy-recipes.
"""

import html
import http.client
import os
import os.path
@@ -234,7 +235,7 @@ def websearch_filter(eval_ctx, value, engine=None, url_only=False,
if not url:
raise jinja2.TemplateError("Unrecognized search engine")

url = url.format(value)
url = url.format(html.escape(value))

if url_only:
return url

0 comments on commit e09da5d

Please sign in to comment.
You can’t perform that action at this time.