deadvey/blogger-nodejs
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Escape potentially dangerous input in the search field

Browse Source
This commit is contained in:
deadvey
2025-10-01 17:45:31 +01:00
parent acca51da20
commit 87fd97730e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/routes/form_actions.js
View File

@@ -201,7 +201,7 @@ router.post("/submit_edit_post", (req,res) => {
}); // /submit_edit }); // /submit_edit
router.get('/search', (req, res) => { router.get('/search', (req, res) => {
const search_term = req.query.q; // 'q' is the parameter name const search_term = func.escape_input(req.query.q); // 'q' is the parameter name
let search_type = req.query.type; // eg 'post', 'user' let search_type = req.query.type; // eg 'post', 'user'
if (typeof search_type == 'string') { // Make the search_term an array if (typeof search_type == 'string') { // Make the search_term an array
search_type = [ search_type ] search_type = [ search_type ]