escape & too

This commit is contained in:
j 2021-09-15 14:05:11 +02:00
parent 6118bf3c3a
commit 8a16c7e37f
2 changed files with 2 additions and 1 deletions

View file

@ -13,6 +13,7 @@ from django.conf import settings
from django.db import models, transaction
from django.db.models import Max
from django.contrib.auth import get_user_model
from django.core.cache import cache
from oxdjango.fields import JSONField

View file

@ -429,7 +429,7 @@ pandora.ui.documentInfoView = function(data, isMixed) {
function formatLink(value, key) {
return (Ox.isArray(value) ? value : [value]).map(function(value) {
return key
? '<a href="/documents/' + key + '=' + value + '">' + value + '</a>'
? '<a href="/documents/' + key + '=' + pandora.escapeQueryValue(value) + '">' + value + '</a>'
: value;
}).join(', ');
}