From e45d32d5a50857e8408917e2035c9abe1704fb23 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Sat, 17 Nov 2018 00:23:59 +0100
Subject: [PATCH] Fix lack of HTML encoding for stylesheet link

Previous to the fix, the home page had a line like (notice the wrongly
encoded `&`):

```html
<link rel="stylesheet" href="view/theme/frio/style.pcss?f=&puid=1"
type="text/css" media="screen" />
```
---
 src/App.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/App.php b/src/App.php
index 4451013093..013c12b908 100644
--- a/src/App.php
+++ b/src/App.php
@@ -116,7 +116,7 @@ class App
 	public function registerStylesheet($path)
 	{
 		$url = str_replace($this->getBasePath() . DIRECTORY_SEPARATOR, '', $path);
-
+		$url = htmlspecialchars($url, ENT_COMPAT, 'UTF-8');
 		$this->stylesheets[] = trim($url, '/');
 	}