Encode search query to prevent XSS attacks.
Peder Skou committed Apr 9, 2021
1 parent cc4398e commit 6140b14
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ImprintCMS/Models/ViewHelpers.cs
Expand Up @@ -472,7 +472,7 @@ public static HtmlString SearchForm(this HtmlHelper helper, string action, strin
<input type=""search"" name=""q"" id=""query"" value=""{1}"" placeholder=""{2}"" />
<input type=""submit"" id=""button"" value=""{3}"" /></p>
</fieldset>
</form>", action, query, SitePhrases.LabelSearchPlaceholder, SitePhrases.LabelSearch));
</form>", action, helper.AttributeEncode(query), SitePhrases.LabelSearchPlaceholder, SitePhrases.LabelSearch));
}

public static HtmlString Legend(this HtmlHelper helper, string text)
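Review bot: In the argument list after `</form>"`, only `query` is attribute-encoded; `action`, `SitePhrases.LabelSearchPlaceholder` and `SitePhrases.LabelSearch` are still passed into the same format string raw, and the method returns an `HtmlString`, so nothing downstream will encode them. The two phrases land inside the `placeholder=""{2}""` and `value=""{3}""` attributes; if phrases are editable, or `action` can ever be built from request data, wrap them in `helper.AttributeEncode(...)` as well so every placeholder in this template is encoded consistently. A short comment on the method stating that all format arguments must be encoded would help keep later edits from reintroducing the gap.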