From b1f828e5988046cf1cb634f5702023b184e6fbdb Mon Sep 17 00:00:00 2001
From: Jan-Lukas Else <mail@jlelse.de>
Date: Sun, 15 Mar 2020 16:54:00 +0100
Subject: [PATCH] Unescape sanitized keys and values

---
 forms.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/forms.go b/forms.go
index 1ded36a..bd65b5d 100644
--- a/forms.go
+++ b/forms.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"github.com/microcosm-cc/bluemonday"
+	"html"
 	"net/http"
 	"net/url"
 )
@@ -33,9 +34,9 @@ func sanitizeForm(values url.Values) FormValues {
 	for key, values := range values {
 		var sanitizedValues []string
 		for _, value := range values {
-			sanitizedValues = append(sanitizedValues, p.Sanitize(value))
+			sanitizedValues = append(sanitizedValues, html.UnescapeString(p.Sanitize(value)))
 		}
-		sanitizedForm[p.Sanitize(key)] = sanitizedValues
+		sanitizedForm[html.UnescapeString(p.Sanitize(key))] = sanitizedValues
 	}
 	return sanitizedForm
 }