mirror of https://github.com/searxng/searxng.git
[fix] route /autocompleter: escape '<' and '>' in the response
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
e27b1ac57a
commit
9a3253fc16
|
@ -916,6 +916,7 @@ def autocompleter():
|
||||||
suggestions = json.dumps([sug_prefix, results])
|
suggestions = json.dumps([sug_prefix, results])
|
||||||
mimetype = 'application/x-suggestions+json'
|
mimetype = 'application/x-suggestions+json'
|
||||||
|
|
||||||
|
suggestions = escape(suggestions, False)
|
||||||
return Response(suggestions, mimetype=mimetype)
|
return Response(suggestions, mimetype=mimetype)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue