From 912cdb77a8d4a5ccf6f34f2185e0bee348537600 Mon Sep 17 00:00:00 2001 From: "Michael J. Giarlo" Date: Fri, 17 Jan 2025 12:12:35 -0800 Subject: [PATCH] Escape search params JSON in report view Fixes #4459 --- app/views/report/_document_list.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/report/_document_list.html.erb b/app/views/report/_document_list.html.erb index 26838bd75..01325f1ea 100644 --- a/app/views/report/_document_list.html.erb +++ b/app/views/report/_document_list.html.erb @@ -1,7 +1,7 @@
' + data-object-reporter-data-url-params-value='<%= json_escape(params.to_unsafe_h.except(:controller, :action).merge(format: 'json', sort: 'id asc').to_json) %>' data-object-reporter-download-url-value='<%= report_download_url %>' data-object-reporter-column-model-value='<%= Report::COLUMN_MODEL.to_json.html_safe %>'>