Fix encoding of special characters

Special characters would get html encoded (& -> &). This has been tested against several payloads (e.g. <script>alert(0)</script>) to ensure it's not vulnerable to XSS.
2025-01-11 07:18:08 +00:00 · 2019-06-20 22:15:32 -07:00 · 2019-06-20 22:15:32 -07:00 · 368fbd9e7d
commit 368fbd9e7d
parent 183db3475a
1 changed files with 1 additions and 1 deletions
--- a/src/webui/www/private/rename.html
+++ b/src/webui/www/private/rename.html
@ -33,7 +33,7 @@
            var name = new URI().getData('name');
            // set text field to current value
            if (name)
-                $('rename').value = escapeHtml(decodeURIComponent(name));
+                $('rename').value = decodeURIComponent(name);

            $('rename').focus();
            $('renameButton').addEvent('click', function(e) {