0
0
Fork 0

Prevent attribute injection

Hui-EscapeUserInput
Lan Hui 2022-07-29 15:26:19 +08:00
parent 828cef406c
commit 0098fa8746
1 changed files with 2 additions and 2 deletions

View File

@ -30,7 +30,7 @@
:
<a href='http://youdao.com/w/eng/{{word}}/#keyfrom=dict2.index' title={{word}}>{{word}}</a>
({{x[1]}})
<input type="checkbox" name="marked" value={{word}}>
<input type="checkbox" name="marked" value="{{word}}">
</p>
{% endfor %}
@ -42,4 +42,4 @@
{% endfor %}
{% endif %}
</body>
</html>
</html>