summaryrefslogtreecommitdiffstats
path: root/gnats-expert-html.lsp
diff options
context:
space:
mode:
Diffstat (limited to 'gnats-expert-html.lsp')
-rw-r--r--gnats-expert-html.lsp4
1 files changed, 2 insertions, 2 deletions
diff --git a/gnats-expert-html.lsp b/gnats-expert-html.lsp
index 5bd4db6..84c7f42 100644
--- a/gnats-expert-html.lsp
+++ b/gnats-expert-html.lsp
@@ -34,9 +34,9 @@ for k,v in pairs(myform.option) do
</TABLE>
-<form action="<%= form.option.script .. "/" .. form.option.prefix ..
+<form action="<%= html.html_escape(form.option.script .. "/" .. form.option.prefix ..
form.option.controller .. "/" .. form.option.action ..
- (form.option.extra or "") %>" method="POST">
+ (form.option.extra or "")) %>" method="POST">
<%
-- Management buttons
local myform = form.management
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-10 05:14:49 +0000