diff options
author | ArthurHoaro <arthur@hoa.ro> | 2020-10-08 08:19:06 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-08 08:19:06 +0200 |
commit | 7f1bb5553b7427bd3a9e5b119f99c2ac3509c607 (patch) | |
tree | a4d6f446ec861f9a7591edb31f322e2a846b2bac /tpl/default/tag.cloud.html | |
parent | df25b28dcd3cde54d42c18a55a810daa82bf5727 (diff) | |
parent | 72fbbcd6794facea2cf06d9742359d190257b00f (diff) | |
download | Shaarli-7f1bb5553b7427bd3a9e5b119f99c2ac3509c607.tar.gz Shaarli-7f1bb5553b7427bd3a9e5b119f99c2ac3509c607.tar.zst Shaarli-7f1bb5553b7427bd3a9e5b119f99c2ac3509c607.zip |
Merge pull request #1585 from ArthurHoaro/fix/xss-and-tag-search
Security: fix multiple XSS vulnerabilities + fix search tags with special chars
Diffstat (limited to 'tpl/default/tag.cloud.html')
-rw-r--r-- | tpl/default/tag.cloud.html | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tpl/default/tag.cloud.html b/tpl/default/tag.cloud.html index 024882ec..c067e1d4 100644 --- a/tpl/default/tag.cloud.html +++ b/tpl/default/tag.cloud.html | |||
@@ -15,7 +15,7 @@ | |||
15 | <h2 class="window-title">{'Tag cloud'|t} - {$countTags} {'tags'|t}</h2> | 15 | <h2 class="window-title">{'Tag cloud'|t} - {$countTags} {'tags'|t}</h2> |
16 | {if="!empty($search_tags)"} | 16 | {if="!empty($search_tags)"} |
17 | <p class="center"> | 17 | <p class="center"> |
18 | <a href="{$base_path}/?searchtags={$search_tags|urlencode}" class="pure-button pure-button-shaarli"> | 18 | <a href="{$base_path}/?searchtags={$search_tags_url}" class="pure-button pure-button-shaarli"> |
19 | {'List all links with those tags'|t} | 19 | {'List all links with those tags'|t} |
20 | </a> | 20 | </a> |
21 | </p> | 21 | </p> |
@@ -48,8 +48,8 @@ | |||
48 | 48 | ||
49 | <div id="cloudtag" class="cloudtag-container"> | 49 | <div id="cloudtag" class="cloudtag-container"> |
50 | {loop="tags"} | 50 | {loop="tags"} |
51 | <a href="{$base_path}/?searchtags={$key|urlencode} {$search_tags|urlencode}" style="font-size:{$value.size}em;">{$key}</a | 51 | <a href="{$base_path}/?searchtags={$tags_url.$key1} {$search_tags_url}" style="font-size:{$value.size}em;">{$key}</a |
52 | ><a href="{$base_path}/add-tag/{$key|urlencode}" title="{'Filter by tag'|t}" class="count">{$value.count}</a> | 52 | ><a href="{$base_path}/add-tag/{$tags_url.$key1}" title="{'Filter by tag'|t}" class="count">{$value.count}</a> |
53 | {loop="$value.tag_plugin"} | 53 | {loop="$value.tag_plugin"} |
54 | {$value} | 54 | {$value} |
55 | {/loop} | 55 | {/loop} |