Escape search queries and add setting value on edit

This commit is contained in:
Chris Hunt
2025-07-24 19:05:16 +01:00
parent 41aa255b88
commit d1a96dd752
5 changed files with 30 additions and 26 deletions


@@ -18,6 +18,9 @@ class SearchController extends Controller
$requestprovider = $request->input('provider');
$query = $request->input('q');
// Sanitize the query to prevent XSS
$query = htmlspecialchars($query, ENT_QUOTES, 'UTF-8');
// Validate the presence and non-emptiness of the query parameter
if (!$query || trim($query) === '') {
abort(400, 'Missing or empty query parameter');