From 6b149e42056cc948b491822b31aa49526138bdfe Mon Sep 17 00:00:00 2001
From: Richard Kettelerij <291572+rkettelerij@users.noreply.github.com>
Date: Mon, 6 Jan 2025 16:56:04 +0100
Subject: [PATCH] fix: DOM text reinterpreted as HTML
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
internal/ogc/styles/templates/styles.go.html | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/internal/ogc/styles/templates/styles.go.html b/internal/ogc/styles/templates/styles.go.html
index c9e9953e..b5432897 100644
--- a/internal/ogc/styles/templates/styles.go.html
+++ b/internal/ogc/styles/templates/styles.go.html
@@ -99,13 +99,13 @@ {{ .Config.Title }} - {{ i18n "Styles" }}
const selectedProjection = value.proj;
const urlHref = document.getElementById('href-url');
const metadataHref = document.getElementById('href-metadata');
- urlHref.textContent = '{{ $baseUrl }}/styles/' + selectedStyle;
- urlHref.setAttribute('href', 'styles/' + selectedStyle);
- metadataHref.setAttribute('href', 'styles/' + selectedStyle + '/metadata');
+ urlHref.textContent = '{{ $baseUrl }}/styles/' + encodeURIComponent(selectedStyle);
+ urlHref.setAttribute('href', 'styles/' + encodeURIComponent(selectedStyle));
+ metadataHref.setAttribute('href', 'styles/' + encodeURIComponent(selectedStyle) + '/metadata');
// update style-url in app-vectortile-view
const viewer = document.getElementById('styles-vectortile-view')
- viewer.setAttribute('tile-url', '{{ $baseUrl }}/tiles/' + selectedProjection)
- viewer.setAttribute('style-url', '{{ $baseUrl }}/styles/' + selectedStyle + '?f=mapbox')
+ viewer.setAttribute('tile-url', '{{ $baseUrl }}/tiles/' + encodeURIComponent(selectedProjection))
+ viewer.setAttribute('style-url', '{{ $baseUrl }}/styles/' + encodeURIComponent(selectedStyle) + '?f=mapbox')
}, false);