From 044f066c1c9f08ab41c93e1f065053ad22e4959e Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Thu, 11 Dec 2025 18:18:22 +0100
Subject: Fix htmlspecialchars for search (#8306)

Regression from https://github.com/FreshRSS/FreshRSS/pull/8293
---
 app/Controllers/indexController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/Controllers/indexController.php')

diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php
index d914e4eef..3961a3fcd 100644
--- a/app/Controllers/indexController.php
+++ b/app/Controllers/indexController.php
@@ -106,7 +106,7 @@ class FreshRSS_index_Controller extends FreshRSS_ActionController {
 		$title = FreshRSS_Context::$name;
 		$search = FreshRSS_Context::$search->__toString();
 		if ($search !== '') {
-			$title = '“' . $search . '”';
+			$title = '“' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8') . '”';
 		}
 		if (FreshRSS_Context::$get_unread > 0) {
 			$title = '(' . FreshRSS_Context::$get_unread . ') ' . $title;
-- 
cgit v1.2.3