Whoa, don't print a raw unescaped HTML code from guests in a guestbook.

2024-06-19 04:35:25 +04:00 · 2024-06-19 04:35:25 +04:00 · c42e604deb
commit c42e604deb
parent c9cd434b59
1 changed files with 2 additions and 4 deletions
--- a/web/guestbook.templ
+++ b/web/guestbook.templ
@ -42,11 +42,9 @@ templ Guestbook(captchaID, owner string, entries []*justguestbook.Entry, pageCou
 					</header>
 					for _, line := range strings.Split(entry.Message, "\n") {
 						if len(line) > 0 && line[0] == '>' {
-							<p class="quote">@templ.Raw(line)
-</p>
+							<p class="quote">{ line }</p>
 						} else {
-							<p>@templ.Raw(line)
-</p>
+							<p>{ line }</p>
 						}
 					}
 					if entry.Reply != nil {