From 4c3fcc3ea6f37debcb87ac1a7f5698c27be0e67b Mon Sep 17 00:00:00 2001 From: zadam Date: Fri, 17 Mar 2023 22:04:49 +0100 Subject: [PATCH] fix sanitization of autocomplete against XSS --- src/services/search/services/search.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/services/search/services/search.js b/src/services/search/services/search.js index 06362b28cc..beb0555d15 100644 --- a/src/services/search/services/search.js +++ b/src/services/search/services/search.js @@ -307,7 +307,7 @@ function highlightSearchResults(searchResults, highlightedTokens) { for (const result of searchResults) { const note = becca.notes[result.noteId]; - result.highlightedNotePathTitle = result.notePathTitle.replace('/[<\{\}]/g', ''); + result.highlightedNotePathTitle = result.notePathTitle.replace(/[<{}]/g, ''); if (highlightedTokens.find(token => note.type.includes(token))) { result.highlightedNotePathTitle += ` "type: ${note.type}'`;