zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-24 17:22:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

Escape query string params

Browse source
This commit is contained in:
Kyle Drake 2014-12-21 08:55:18 +00:00
parent 343d6b7c47
commit 128e90398e
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
views/site_files/text_editor.erb
View file

@ -113,7 +113,7 @@
if(unsavedChanges == false) if(unsavedChanges == false)
return return
$.ajax({ $.ajax({
url: '/site_files/save/<%= @filename %>?csrf_token=<%= csrf_token %>', url: '/site_files/save/<%= Rack::Utils.escape @filename %>?csrf_token=<%= Rack::Utils.escape csrf_token %>',
data: editor.getValue(), data: editor.getValue(),
processData: false, processData: false,
contentType: false, contentType: false,