From be1ed83930187412fc60b2da283e9e7ffc8d4fba Mon Sep 17 00:00:00 2001
From: unlxam <177877261+unlxam@users.noreply.github.com>
Date: Sat, 24 Aug 2024 13:40:28 -0300
Subject: [PATCH] feat: add presence checking and html escaping for link

---
 src/invidious/routes/misc.cr | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/invidious/routes/misc.cr b/src/invidious/routes/misc.cr
index 28a134a9..c0bef5b4 100644
--- a/src/invidious/routes/misc.cr
+++ b/src/invidious/routes/misc.cr
@@ -48,9 +48,15 @@ module Invidious::Routes::Misc
     locale = env.get("preferences").as(Preferences).locale
     
     link = env.params.query["link"]?
+    link = HTML.escape(link.to_s)
 
     referer = get_referer(env)
 
-    templated "confirm_leave"
+    if link && !link.empty?
+      templated "confirm_leave"
+    else
+      env.redirect "#{referer}"
+    end
+
   end
 end