fix: sanitize all-products search before displaying results (#21764)

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
Chinmay Pai 2020-05-26 18:21:11 +05:30 committed by GitHub
parent c0b4ec52de
commit 49b2b155b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -11,7 +11,7 @@
<div class="input-group input-group-sm mb-3">
<input type="search" class="form-control" placeholder="{{_('Search')}}"
aria-label="{{_('Product Search')}}" aria-describedby="product-search"
value="{{ frappe.form_dict.search or '' }}"
value="{{ frappe.sanitize_html(frappe.form_dict.search) or '' }}"
>
</div>
</div>
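Review bot: The search term is written into a double-quoted `value` attribute, but `frappe.sanitize_html` is an HTML-fragment sanitizer rather than an attribute-context escaper, and nothing in this hunk establishes that quote characters in the input are neutralised. If the template environment does not autoescape (not visible here), escaping at the output point is the safer form: `value="{{ (frappe.form_dict.search or '') | e }}"`. That form also applies the empty-string fallback first, so the helper is never handed `None` when the parameter is absent. A regression test that renders this template with a search value containing a double quote would pin the behaviour. The enclosing markup starts above the hunk.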