From ffa90c397c09321571c2ec6590e42ddfb6df35b0 Mon Sep 17 00:00:00 2001
From: "G.Ambatte" <sean@robertson-family.nz>
Date: Sun, 5 May 2024 20:18:53 +1200
Subject: [PATCH] Add script sanitization to template.js

---
 client/template.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/client/template.js b/client/template.js
index c77f953ff..de6645e9e 100644
--- a/client/template.js
+++ b/client/template.js
@@ -8,6 +8,8 @@ const template = async function(name, title='', props = {}){
 	});
 	const ogMetaTags = ogTags.join('\n');
 
+	const cleanProps = JSON.stringify(props).replace(/<\/script/g, '<\\\/script');
+
 	return `<!DOCTYPE html>
 	<html>
 		<head>
@@ -23,7 +25,7 @@ const template = async function(name, title='', props = {}){
 		<body>
 			<main id="reactRoot">${require(`../build/${name}/ssr.js`)(props)}</main>
 			<script src=${`/${name}/bundle.js`}></script>
-			<script>start_app(${JSON.stringify(props)})</script>
+			<script>start_app(${cleanProps})</script>
 		</body>
 	</html>
 	`;