fix: potential for XSS here

2025-10-26 08:36:12 +01:00 · 2019-09-26 14:00:01 -04:00
parent 7a0f607434
commit 40f131a6bb
1 changed files with 1 additions and 0 deletions
--- a/public/src/utils.js
+++ b/public/src/utils.js
@@ -691,6 +691,7 @@
 		},

 		urlToLocation: function (url) {
+			url = encodeURI(url);
 			return $('<a href="' + url + '" />')[0];
 		},