security: fix inline scripts

This commit is contained in:
SouthFox-D 2022-03-27 02:16:53 +08:00
parent f6b29e7499
commit d8131e4a75
2 changed files with 5 additions and 5 deletions

View file

@ -12,10 +12,6 @@
<div id="local-search-result"></div> <div id="local-search-result"></div>
</div> </div>
<script type="text/javascript" id="local.search.active"> <script src="<%- url_for('./js/active_search.js') %>"> async</script>
var inputArea = document.querySelector("#local-search-input");
inputArea.onclick = function(){ getSearchFile("<%- url_for('./search.xml') %>"); this.onclick = null }
inputArea.onkeydown = function(){ if(event.keyCode == 13) return false }
</script>
<% } %> <% } %>

View file

@ -0,0 +1,4 @@
id="local.search.active"
var inputArea = document.querySelector("#local-search-input");
inputArea.onclick = function(){ getSearchFile("search.xml"); this.onclick = null }
inputArea.onkeydown = function(){ if(event.keyCode == 13) return false }