From d698fb91c9dbb1c19c68b381c18ac0ededff9ce5 Mon Sep 17 00:00:00 2001 From: Will Norris Date: Tue, 20 Apr 2021 16:41:51 -0700 Subject: [PATCH] prevent XSS on project page Fixes #115 --- static/js/projects.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/static/js/projects.js b/static/js/projects.js index 4fb071ee6..1e2cf36fb 100644 --- a/static/js/projects.js +++ b/static/js/projects.js @@ -97,7 +97,7 @@ var renderProjects = function(projectsList, searchString="") { noResultDiv.className = 'no-results' var noResultPara = document.createElement('p') - noResultPara.innerHTML = "No results for " + '' + searchString + '' + noResultPara.innerText = "No results for " + searchString noResultDiv.appendChild(noResultPara) var noResultContainer = document.getElementsByClassName("no-results-container")[0]