Encode URL param to be safe

2023-06-19 18:14:05 +03:00 · 2023-06-19 18:14:05 +03:00 · 2a88ed10b1
parent b1d689eb37
commit 2a88ed10b1
1 changed files with 1 additions and 1 deletions
--- a/plugins/woocommerce-admin/client/payments-welcome/index.tsx
+++ b/plugins/woocommerce-admin/client/payments-welcome/index.tsx
@ -55,7 +55,7 @@ const ConnectAccountPage = () => {
 			isJetpackConnected:
 				select( 'wc/admin/plugins' ).isJetpackConnected(),
 			connectUrl:
-				'admin.php?wcpay-connect=1&promo=' + incentive.id +
+				'admin.php?wcpay-connect=1&promo=' + encodeURIComponent( incentive.id ) +
 				'&_wpnonce=' + getAdminSetting( 'wcpay_welcome_page_connect_nonce' ),
 		};
 	} );