mirror of
https://github.com/iv-org/invidious.git
synced 2024-12-02 03:31:20 +05:30
HTML escape title on watch and embed pages
This commit is contained in:
parent
01d23c6191
commit
25bf44d7ad
@ -14,7 +14,7 @@
|
|||||||
<script src="https://unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js"></script>
|
<script src="https://unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js"></script>
|
||||||
<script src="https://unpkg.com/videojs-markers@1.0.1/dist/videojs-markers.min.js"></script>
|
<script src="https://unpkg.com/videojs-markers@1.0.1/dist/videojs-markers.min.js"></script>
|
||||||
<script src="https://unpkg.com/videojs-share@1.1.0/dist/videojs-share.min.js"></script>
|
<script src="https://unpkg.com/videojs-share@1.1.0/dist/videojs-share.min.js"></script>
|
||||||
<title><%= video.title %> - Invidious</title>
|
<title><%= HTML.escape(video.title) %> - Invidious</title>
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
@ -82,7 +82,7 @@ var shareOptions = {
|
|||||||
socials: ["fb", "tw", "reddit", "mail"],
|
socials: ["fb", "tw", "reddit", "mail"],
|
||||||
|
|
||||||
url: "<%= host_url %>/<%= video.id %>?<%= host_params %>",
|
url: "<%= host_url %>/<%= video.id %>?<%= host_params %>",
|
||||||
title: "<%= video.title %>",
|
title: "<%= HTML.escape(video.title) %>",
|
||||||
description: "<%= description %>",
|
description: "<%= description %>",
|
||||||
image: '<%= thumbnail %>',
|
image: '<%= thumbnail %>',
|
||||||
embedCode: `<iframe id='ivplayer' type='text/html' width='640' height='360'
|
embedCode: `<iframe id='ivplayer' type='text/html' width='640' height='360'
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
<meta name="keywords" content="<%= video.info["keywords"] %>">
|
<meta name="keywords" content="<%= video.info["keywords"] %>">
|
||||||
<meta property="og:site_name" content="Invidious">
|
<meta property="og:site_name" content="Invidious">
|
||||||
<meta property="og:url" content="<%= host_url %>/watch?v=<%= video.id %>">
|
<meta property="og:url" content="<%= host_url %>/watch?v=<%= video.id %>">
|
||||||
<meta property="og:title" content="<%= video.title %>">
|
<meta property="og:title" content="<%= HTML.escape(video.title) %>">
|
||||||
<meta property="og:image" content="https://i.ytimg.com/vi/<%= video.id %>/hqdefault.jpg">
|
<meta property="og:image" content="https://i.ytimg.com/vi/<%= video.id %>/hqdefault.jpg">
|
||||||
<meta property="og:description" content="<%= description %>">
|
<meta property="og:description" content="<%= description %>">
|
||||||
<meta property="og:type" content="video.other">
|
<meta property="og:type" content="video.other">
|
||||||
@ -16,7 +16,7 @@
|
|||||||
<meta name="twitter:card" content="player">
|
<meta name="twitter:card" content="player">
|
||||||
<meta name="twitter:site" content="@omarroth">
|
<meta name="twitter:site" content="@omarroth">
|
||||||
<meta name="twitter:url" content="<%= host_url %>/watch?v=<%= video.id %>">
|
<meta name="twitter:url" content="<%= host_url %>/watch?v=<%= video.id %>">
|
||||||
<meta name="twitter:title" content="<%= video.title %>">
|
<meta name="twitter:title" content="<%= HTML.escape(video.title) %>">
|
||||||
<meta name="twitter:description" content="<%= description %>">
|
<meta name="twitter:description" content="<%= description %>">
|
||||||
<meta name="twitter:image" content="https://i.ytimg.com/vi/<%= video.id %>/maxresdefault.jpg">
|
<meta name="twitter:image" content="https://i.ytimg.com/vi/<%= video.id %>/maxresdefault.jpg">
|
||||||
<meta name="twitter:player" content="<%= host_url %>/embed/<%= video.id %>">
|
<meta name="twitter:player" content="<%= host_url %>/embed/<%= video.id %>">
|
||||||
@ -31,7 +31,7 @@
|
|||||||
<script src="https://unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js"></script>
|
<script src="https://unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js"></script>
|
||||||
<script src="https://unpkg.com/videojs-markers@1.0.1/dist/videojs-markers.min.js"></script>
|
<script src="https://unpkg.com/videojs-markers@1.0.1/dist/videojs-markers.min.js"></script>
|
||||||
<script src="https://unpkg.com/videojs-share@1.1.0/dist/videojs-share.min.js"></script>
|
<script src="https://unpkg.com/videojs-share@1.1.0/dist/videojs-share.min.js"></script>
|
||||||
<title><%= video.title %> - Invidious</title>
|
<title><%= HTML.escape(video.title) %> - Invidious</title>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<% if hlsvp %>
|
<% if hlsvp %>
|
||||||
@ -92,7 +92,7 @@ var shareOptions = {
|
|||||||
socials: ["fb", "tw", "reddit", "mail"],
|
socials: ["fb", "tw", "reddit", "mail"],
|
||||||
|
|
||||||
url: "<%= host_url %>/<%= video.id %>?<%= host_params %>",
|
url: "<%= host_url %>/<%= video.id %>?<%= host_params %>",
|
||||||
title: "<%= video.title %>",
|
title: "<%= HTML.escape(video.title) %>",
|
||||||
description: "<%= description %>",
|
description: "<%= description %>",
|
||||||
image: '<%= thumbnail %>',
|
image: '<%= thumbnail %>',
|
||||||
embedCode: `<iframe id='ivplayer' type='text/html' width='640' height='360'
|
embedCode: `<iframe id='ivplayer' type='text/html' width='640' height='360'
|
||||||
@ -312,7 +312,7 @@ get_youtube_comments();
|
|||||||
|
|
||||||
<div class="h-box">
|
<div class="h-box">
|
||||||
<h1>
|
<h1>
|
||||||
<%= video.title %>
|
<%= HTML.escape(video.title) %>
|
||||||
<% if listen %>
|
<% if listen %>
|
||||||
<a href="/watch?<%= env.params.query %>">
|
<a href="/watch?<%= env.params.query %>">
|
||||||
<i class="icon ion-ios-videocam" aria-hidden="true"></i>
|
<i class="icon ion-ios-videocam" aria-hidden="true"></i>
|
||||||
|
Loading…
Reference in New Issue
Block a user