Diffstat (limited to 'internal/handlers')
-rw-r--r--internal/handlers/handlers.go8
1 files changed, 6 insertions, 2 deletions
diff --git a/internal/handlers/handlers.go b/internal/handlers/handlers.go
index a169478..635a69d 100644
--- a/internal/handlers/handlers.go
+++ b/internal/handlers/handlers.go
@@ -792,7 +792,9 @@ func (h *Handler) HandleGetListsOptions(w http.ResponseWriter, r *http.Request)
w.Header().Set("Content-Type", "text/html")
for _, list := range lists {
- _, _ = fmt.Fprintf(w, `<option value="%s">%s</option>`, list.ID, list.Name)
+ _, _ = fmt.Fprintf(w, `<option value="%s">%s</option>`,
+ template.HTMLEscapeString(list.ID),
+ template.HTMLEscapeString(list.Name))
}
}
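Review bot: The escaping is applied by hand in two identical loops, here in HandleGetListsOptions and again in HandleGetShoppingLists, so any later handler that writes `<option>` markup with `fmt.Fprintf` can reintroduce the unescaped output this commit fixes. Rendering both through one shared, parsed `html/template` such as `{{range .}}<option value="{{.ID}}">{{.Name}}</option>{{end}}` would escape the attribute and text contexts automatically and keep the rule in one place. The import behind `template` is outside the hunk, so it is not clear whether it is `html/template` or `text/template`; `HTMLEscapeString` exists in both and escapes quotes as well as angle brackets, which the double-quoted `value` attribute needs. Both function bodies begin outside their hunks, so the source of `lists` and any earlier writes to `w` are not visible here.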
@@ -917,7 +919,9 @@ func (h *Handler) HandleGetShoppingLists(w http.ResponseWriter, r *http.Request)
w.Header().Set("Content-Type", "text/html")
for _, list := range lists {
- _, _ = fmt.Fprintf(w, `<option value="%s">%s</option>`, list.ID, list.Name)
+ _, _ = fmt.Fprintf(w, `<option value="%s">%s</option>`,
+ template.HTMLEscapeString(list.ID),
+ template.HTMLEscapeString(list.Name))
}
}