diff options
-rw-r--r-- | lib/serve.js | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/serve.js b/lib/serve.js index 4089635..29a6350 100644 --- a/lib/serve.js +++ b/lib/serve.js @@ -702,25 +702,25 @@ Serve.prototype.advsearch = function (ext) { ph('td', 'text'), ph('td', ph('input', {name: 'text', placeholder: 'regex', class: 'id-input', - value: q.text || ''})) + value: u.escapeHTML(q.text)})) ]), ph('tr', [ ph('td', 'author'), ph('td', ph('input', {name: 'source', placeholder: '@id', class: 'id-input', - value: q.source || ''})) + value: q.escapeHTML(q.source)})) ]), ph('tr', [ ph('td', 'mentions'), ph('td', ph('input', {name: 'dest', placeholder: 'id', class: 'id-input', - value: q.dest || ''})) + value: u.escapeHTML(q.dest)})) ]), ph('tr', [ ph('td', 'channel'), ph('td', ['#', ph('input', {name: 'channel', placeholder: 'channel', class: 'id-input', - value: q.channel || ''}) + value: u.escapeHTML(q.channel)}) ]) ]), ph('tr', [ |