
[EP-tech] search input html entities encoding



Hi all!

Can someone point me to the code in Eprints which encodes the HTML
entities of a search input, when rendering them in the page title and in
the page body?

For example if I search (simple search for example) for "&blah>" I get a
result page with:

<title>Search results for &amp;blah&gt; - Eprints Site</title>

and in the body:

Search results for <span class="search_desc">&amp;blah&gt;</span>

I'm asking because I would like to understand possible sources of problems like XSS and so on.

Thanks!