Closed wxcafe closed 3 years ago
I really think that a good chunk of the code should be re-written from scratch...
In the meantime, any suggestion on how to fix this?
I would imagine that a fix would be to not dump the search string directly into the page, but I don't really know how to do that while following web dev best practices.
Maybe the simplest way is to use html.escape before sending the data to the browser:
>>> import html
>>> html.escape("2001:db8::")
'2001:db8::'
>>> html.escape("2001:db8::/48")
'2001:db8::/48'
>>> html.escape("192.0.2.0/24")
'192.0.2.0/24'
>>> html.escape("<attack>2001:db8::/48")
'&lt;attack&gt;2001:db8::/48'
here
works on the input field, doesn't matter which dropdown menu option is selected
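The html.escape suggestion from the thread, combined with validating the search string as an address or prefix, as an added example that is not part of the thread or the project's code. The function names `parse_target` and `render_result` and the form field name `q` are hypothetical; the sample inputs are the ones from the REPL session plus one constructed string containing a double quote.

```python
import html
import ipaddress


def parse_target(raw):
    """Return the canonical address or prefix string, or None if raw is neither.

    Hypothetical helper: the thread does not show how the project parses input.
    """
    raw = raw.strip()
    try:
        if "/" in raw:
            # strict=False accepts prefixes with host bits set, e.g. 192.0.2.1/24
            return str(ipaddress.ip_network(raw, strict=False))
        return str(ipaddress.ip_address(raw))
    except ValueError:
        return None


def render_result(raw):
    """Build the HTML fragment that echoes the search string back (hypothetical)."""
    # quote=True (the default) also encodes " and ', so the value cannot
    # close the attribute it is placed in, as well as being inert in element text.
    safe = html.escape(raw, quote=True)
    target = parse_target(raw)
    if target is None:
        message = "Invalid address or prefix: " + safe
    else:
        # The canonical form comes from ipaddress, but escape it anyway so
        # every value written into the page goes through the same path.
        message = "Results for " + html.escape(target)
    return '<input name="q" value="' + safe + '"><p>' + message + "</p>"


if __name__ == "__main__":
    # Constructed sample inputs; the first four are the ones used in the thread.
    for sample in ("2001:db8::", "2001:db8::/48", "192.0.2.0/24",
                   "<attack>2001:db8::/48", '2001:db8::" x="'):
        print(render_result(sample))
```

Escaping happens at output time on the raw string, so the input field still shows the user what they typed even when validation rejects it.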