]> git.proxmox.com Git - pve-http-server.git/blobdiff - src/PVE/APIServer/Formatter/HTML.pm
projects / pve-http-server.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
html formatter: encode href attributes
[pve-http-server.git] / src / PVE / APIServer / Formatter / HTML.pm
diff --git a/src/PVE/APIServer/Formatter/HTML.pm b/src/PVE/APIServer/Formatter/HTML.pm
index 743d0ad8165a16612c04cf27c3e7d95efb2590f5..80617ca099bb51b6705b2a5ad32259ff06133c7e 100644 (file)
--- a/src/PVE/APIServer/Formatter/HTML.pm
+++ b/src/PVE/APIServer/Formatter/HTML.pm
@@ -91,7 +91,7 @@ sub render_page {
        text => 'Home'}};
 
     foreach my $comp (@pcomp) {
-       $href .= "/$comp";
+       $href .= "/".encode_entities($comp);
        push @$items, { tag => 'li', cn => {
            tag => 'a',
            href => $href,
@@ -214,7 +214,7 @@ PVE::APIServer::Formatter::register_formatter($portal_format, sub {
                    push @$items, {
                        tag => 'a',
                        class => 'list-group-item',
-                       href => "$path/$value",
+                       href => "$path/".encode_entities($value),
                        cn => [
                            {
                                tag => 'h4',
PVE HTTP Server