From 604bee6d74c3765746c6e3c1b406714318080d19 Mon Sep 17 00:00:00 2001
From: PhilipDeFraties
Date: Tue, 19 Nov 2024 15:35:39 -0700
Subject: [PATCH 1/2] update metrics page js to sanitize query parameter in metrics page URL
---
 app/assets/javascripts/metrics_page.es6 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/assets/javascripts/metrics_page.es6 b/app/assets/javascripts/metrics_page.es6
index 8e77fa470..a349b43ac 100644
--- a/app/assets/javascripts/metrics_page.es6
+++ b/app/assets/javascripts/metrics_page.es6
@@ -12,8 +12,9 @@ $(document).ready(function(){
 var pos1 = curUrl.lastIndexOf("?duration");
 curUrl = curUrl.substring(0, pos1);
 }
- let duration = $( "#metrics_duration" ).val();
+ let duration = encodeURIComponent($("#metrics_duration").val());
 let newUrl = `${curUrl}?duration=${duration}`;
+ debugger
 window.location.href = newUrl;
 });
From 4b74f76ab74ffe6b2789010f6ff4f5b9efc2c114 Mon Sep 17 00:00:00 2001
From: PhilipDeFraties
Date: Tue, 19 Nov 2024 15:35:45 -0700
Subject: [PATCH 2/2] remove debugger
---
 app/assets/javascripts/metrics_page.es6 | 1 -
 1 file changed, 1 deletion(-)
diff --git a/app/assets/javascripts/metrics_page.es6 b/app/assets/javascripts/metrics_page.es6
index a349b43ac..bb8ab1375 100644
--- a/app/assets/javascripts/metrics_page.es6
+++ b/app/assets/javascripts/metrics_page.es6
@@ -14,7 +14,6 @@ $(document).ready(function(){
 }
 let duration = encodeURIComponent($("#metrics_duration").val());
 let newUrl = `${curUrl}?duration=${duration}`;
- debugger
 window.location.href = newUrl;
 });
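Review bot: Encoding the value at `let duration = encodeURIComponent($("#metrics_duration").val());` in PATCH 1/2 only covers URLs built by this handler; a request that arrives with a hand-written `duration` parameter never passes through this code, so whatever consumes `duration` (not visible in this hunk) still has to validate it against the expected values and escape it on output. Separately, `${curUrl}?duration=${duration}` is still string concatenation on top of the `lastIndexOf("?duration")` trim, which presumably yields a malformed URL when the page address carries another query parameter or a fragment. Building it with the URL API encodes and replaces the parameter in one step: `const url = new URL(window.location.href); url.searchParams.set("duration", $("#metrics_duration").val()); window.location.href = url.toString();`. The enclosing callback and the condition guarding the trim start outside the hunk.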