From 89f68d71b42c201ffb2b853ca79f8272ddae9766 Mon Sep 17 00:00:00 2001
From: Lucas <lucas.march@mail.mcgill.ca>
Date: Mon, 15 Jul 2024 15:39:53 +0000
Subject: [PATCH] fix(chant create): escape special characters in suggested
 chant data

---
 .../cantusdb_project/main_app/templates/chant_create.html   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/django/cantusdb_project/main_app/templates/chant_create.html b/django/cantusdb_project/main_app/templates/chant_create.html
index 95f335c97..a5d4fe21d 100644
--- a/django/cantusdb_project/main_app/templates/chant_create.html
+++ b/django/cantusdb_project/main_app/templates/chant_create.html
@@ -314,10 +314,10 @@ <h5><a id="source" href="{% url 'source-detail' source.id %}">{{ source.siglum }
                                     value="{{ suggestion.cantus_id }}"
                                     title="{{ suggestion.cantus_id }}"
                                     onclick='autoFillSuggestedChant(
-                                        "{{ suggestion.genre_name }}",
+                                        "{{ suggestion.genre_name | escapejs }}",
                                         {{ suggestion.genre_id | default_if_none:"null" }},
-                                        "{{ suggestion.cantus_id }}",
-                                        "{{ suggestion.fulltext }}"
+                                        "{{ suggestion.cantus_id | escapejs }}",
+                                        "{{ suggestion.fulltext | escapejs }}"
                                     )'
                                 >
                                 <strong>{{ suggestion.genre_name }}</strong> - <span title="{{ suggestion.fulltext }}">{{ suggestion.incipit }}</span> (<strong>{{ suggestion.occurrences }}x</strong>)<br>