aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/serve.js2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/serve.js b/lib/serve.js
index 9ef292a..0410a92 100644
--- a/lib/serve.js
+++ b/lib/serve.js
@@ -4271,7 +4271,7 @@ Serve.prototype.drafts = function (path) {
+ (form.composer_id ? '#' + encodeURIComponent(form.composer_id) : '')
cb(null, ph('div', [
ph('table', ph('tr', [
- ph('td', ph('form', {method: 'post', action: composerUrl}, [
+ ph('td', ph('form', {method: 'post', action: u.escapeHTML(composerUrl)}, [
hiddenInput('draft_id', id),
hiddenInput('restored_draft', '1'),
Object.keys(form).map(function (key) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-29 04:31:14 +0000