backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Html escape cms_search_query variable.

Browse Source
This commit is contained in:
Jocelyn FIAT
2017-02-10 12:16:09 +01:00
parent bef99dd762
commit b47d631095
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
examples/demo/site/themes/bootstrap/page.tpl
View File

@@ -42,7 +42,7 @@
<div class="col-md-2 col-md-offset-9">
<form action="{$site_url/}gcse" class="search-form" id="gcse_search_form">
<div class="form-group has-feedback">
<input type="search" class="form-control" name="q" id="gcse_search" placeholder="search" value="{$cms_search_query/}" >
<input type="search" class="form-control" name="q" id="gcse_search" placeholder="search" value="{htmlentities}{$cms_search_query/}{/htmlentities}" >
<span class="glyphicon glyphicon-search form-control-feedback"></span>
</div>
</form>