diff options
Diffstat (limited to 'assets/js/index.js')
| -rw-r--r-- | assets/js/index.js | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/assets/js/index.js b/assets/js/index.js index 8927f21..bcb4509 100644 --- a/assets/js/index.js +++ b/assets/js/index.js @@ -454,6 +454,11 @@ }); } } + function escape(text) { + const escaped = document.createElement("textarea"); + escaped.textContent = text; + return escaped.innerHTML; + } function search(term, data, options) { const results = fuzzysort.go(term, data, options); let items = ""; @@ -461,17 +466,17 @@ let separator = "—"; if (term.length === 0) separator = ""; items = ` - <li> - <a href="javascript: void(0)" tabindex="0">${term} ${separator} No Results Found</a> - </li> - `; + <li> + <a href="javascript: void(0)" tabindex="0">${escape(term)} ${separator} No Results Found</a> + </li> + `; dropdown.removeAttribute("hidden"); container.setAttribute("data-focus", ""); } else { dropdown.removeAttribute("hidden"); for(const string in results.slice(0, 10)){ const title = results[string].obj.title; - let highlight = fuzzysort.highlight(fuzzysort.single(term, title), "<span>", "</span>"); + let highlight = fuzzysort.highlight(fuzzysort.single(escape(term), escape(title)), "<span>", "</span>"); if (highlight === null) { highlight = title; } @@ -479,7 +484,7 @@ <li> <a href="${results[string].obj.url}" tabindex="0">${highlight}</a> </li> - `; + `; } } dropdown.innerHTML = items; |