nsinnovations/erpnext
2
0
Fork 0
mirror of https://github.com/frappe/erpnext.git synced 2026-04-21 07:38:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(help): escape query (backport #53192) (#53195)

Browse Source 
fix(help): escape query (#53192)


(cherry picked from commit 702adda000)

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
Co-authored-by: Akhil Narang <me@akhilnarang.dev>
This commit is contained in:
mergify[bot]
2026-03-05 18:40:54 +05:30
committed by GitHub
parent fff9750f48
commit 83f2fadbcf
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
erpnext/templates/pages/help.html
View File

@@ -8,7 +8,7 @@
<form action="/search_help" style="display: flex;"> <form action="/search_help" style="display: flex;">
<input name='q' class='form-control' type='text' <input name='q' class='form-control' type='text'
style='max-width: 400px; display: inline-block; margin-right: 10px;' style='max-width: 400px; display: inline-block; margin-right: 10px;'
value='{{ frappe.form_dict.q or ''}}' value='{{ (frappe.form_dict.q or '') | e }}'
{% if not frappe.form_dict.q%}placeholder="{{ _("What do you need help with?") }}"{% endif %}> {% if not frappe.form_dict.q%}placeholder="{{ _("What do you need help with?") }}"{% endif %}>
<input type='submit' <input type='submit'
class='btn btn-sm btn-light btn-search' value="{{ _("Search") }}"> class='btn btn-sm btn-light btn-search' value="{{ _("Search") }}">