mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-28 22:30:44 -05:00
64b5f03dcd
I don’t think it’s a massive risk (we’re certainly mitigating against any XSS), but having a page on a GOV.UK domain where you can prefill text on the page from a query string probably isn’t great. So this commit restricts prefilling the support form to a set of named questions.