fix potential xss woops

author: lolcat <will@lolcat.ca> 2025-07-08 23:10:13 -0400
committer: lolcat <will@lolcat.ca> 2025-07-08 23:10:13 -0400
commit: 430c0a2f0f72f1254ab65d53f13640fe02418f05 (patch)
tree: 43f130a7343a4d4ac48f9ed3a8939b1c46203e5b /web.php
parent: 1a00bf8069a4b3d9b842e2e679e4e5ec639255e4 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/web.php b/web.php
index ff1fc13..a1588fc 100644
--- a/web.php
+++ b/web.php
@@ -89,7 +89,7 @@ if($results["spelling"]["type"] != "no_correction"){
 			'&' .
 			$frontend->buildquery($get, true) .
 			'&spellcheck=no">' .
-			$results["spelling"]["correction"] .
+			htmlspecialchars($results["spelling"]["correction"]) .
 			'</a>?' .
 		'</div>';
 }
author	lolcat <will@lolcat.ca>	2025-07-08 23:10:13 -0400
committer	lolcat <will@lolcat.ca>	2025-07-08 23:10:13 -0400
commit	430c0a2f0f72f1254ab65d53f13640fe02418f05 (patch)
tree	43f130a7343a4d4ac48f9ed3a8939b1c46203e5b /web.php
parent	1a00bf8069a4b3d9b842e2e679e4e5ec639255e4 (diff)