polybar: sanitize a bit more untrusted inputs

2025-07-21 11:24:28 +02:00 · 2021-12-19 12:36:00 +01:00 · 2021-12-19 12:36:00 +01:00 · 2fdafc8d3a
commit 2fdafc8d3a
parent eb55cf3e84
2 changed files with 2 additions and 1 deletions
--- a/bin/polybar-weather
+++ b/bin/polybar-weather
@ -177,6 +177,7 @@ if __name__ == "__main__":
                round(weather["daily"][0]["temp"]["max"]),
            ),
        ]
+        city = city.replace('%', '%%')
        conditions.insert(0, f"%{{F#888}}%{{Tx}}%{{T-}} {city}%{{F-}}")
        output = " ".join(conditions).replace("%{Tx}", "%%{T%d}" % options.font_index)
        logger.debug("output: %s", output)