CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-05 15:14:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Widget: Properly escape voucher codes

Browse Source
This commit is contained in:
Raphael Michel
2020-07-16 08:42:40 +02:00
parent b61893e3b1
commit f179a220bc
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/pretix/static/pretixpresale/js/widget/widget.js
View File

@@ -580,7 +580,7 @@ var shared_methods = {
} else { } else {
return; return;
} }
var redirect_url = this.$root.voucherFormTarget + '&voucher=' + this.voucher + '&subevent=' + this.$root.subevent; var redirect_url = this.$root.voucherFormTarget + '&voucher=' + escape(this.voucher) + '&subevent=' + this.$root.subevent;
if (this.$root.widget_data) { if (this.$root.widget_data) {
redirect_url += '&widget_data=' + escape(this.$root.widget_data_json); redirect_url += '&widget_data=' + escape(this.$root.widget_data_json);
} }
@@ -590,7 +590,7 @@ var shared_methods = {
}, },
voucher_open: function (voucher) { voucher_open: function (voucher) {
var redirect_url; var redirect_url;
redirect_url = this.$root.voucherFormTarget + '&voucher=' + voucher; redirect_url = this.$root.voucherFormTarget + '&voucher=' + escape(voucher);
if (this.$root.widget_data) { if (this.$root.widget_data) {
redirect_url += '&widget_data=' + escape(this.$root.widget_data_json); redirect_url += '&widget_data=' + escape(this.$root.widget_data_json);
} }