mirror of
https://github.com/eitchtee/WYGIWYH.git
synced 2026-07-04 20:11:45 +02:00
9e9e60ccec
The copy button passed the token through Django's escapejs filter into the hyperscript writeText() call, which turns every "-" into -. hyperscript does not decode \u escapes, so any token containing "-" (common with token_urlsafe) was copied corrupted and failed auth on paste. Copy from the input's value instead, which holds the unescaped raw token.