
Fixed urls and xss fix.

Keanu Poeschko 2 年之前
父节点
当前提交
cb7100169d
共有 1 个文件被更改,包括 7 次插入6 次删除
  1. 7 6
      settings.php

+ 7 - 6
settings.php

@@ -84,45 +84,46 @@
                 <h2>Privacy friendly frontends</h2>
                 <p>For an example if you want to view YouTube without getting spied on, click on "Invidious", find the instance that is most suitable for you then paste it in (correct format: https://example.com)</p>
                 <div class="instances-container">   
+
                       <div>
                         <a for="invidious" href="https://docs.invidious.io/instances/" target="_blank">Invidious</a>
                         <input type="text" name="invidious" placeholder="Replace YouTube" value=
-                            <?php echo isset($_COOKIE["invidious"]) ? urlencode($_COOKIE["invidious"])  : "\"$config->invidious\""; ?>
+                            <?php echo isset($_COOKIE["invidious"]) ? htmlspecialchars($_COOKIE["invidious"])  : "\"$config->invidious\""; ?>
                         >
                       </div>
 
                       <div>
                         <a for="bibliogram" href="https://git.sr.ht/~cadence/bibliogram-docs/tree/master/docs/Instances.md" target="_blank">Bibliogram</a>
                         <input type="text" name="bibliogram" placeholder="Replace Instagram" value=
-                            <?php echo isset($_COOKIE["bibliogram"]) ? urlencode($_COOKIE["bibliogram"]) : "\"$config->bibliogram\""; ?>
+                            <?php echo isset($_COOKIE["bibliogram"]) ? htmlspecialchars($_COOKIE["bibliogram"]) : "\"$config->bibliogram\""; ?>
                         >
                       </div>
 
                       <div>
                         <a for="nitter" href="https://github.com/zedeus/nitter/wiki/Instances" target="_blank">Nitter</a>
                         <input type="text" name="nitter" placeholder="Replace Twitter" value=
-                            <?php echo isset($_COOKIE["nitter"]) ? urlencode($_COOKIE["nitter"])  : "\"$config->nitter\""; ?>
+                            <?php echo isset($_COOKIE["nitter"]) ? htmlspecialchars($_COOKIE["nitter"])  : "\"$config->nitter\""; ?>
                         >
                       </div>
 
                       <div>
                         <a for="libreddit" href="https://github.com/spikecodes/libreddit" target="_blank">Libreddit</a>
                         <input type="text" name="libreddit" placeholder="Replace Reddit" value=
-                            <?php echo isset($_COOKIE["libreddit"]) ? urlencode($_COOKIE["libreddit"])  : "\"$config->libreddit\""; ?>
+                            <?php echo isset($_COOKIE["libreddit"]) ? htmlspecialchars($_COOKIE["libreddit"])  : "\"$config->libreddit\""; ?>
                         >
                       </div>
 
                       <div>
                         <a for="proxitok" href="https://github.com/pablouser1/ProxiTok/wiki/Public-instances" target="_blank">ProxiTok</a>
                         <input type="text" name="proxitok" placeholder="Replace TikTok" value=
-                            <?php echo isset($_COOKIE["libreddit"]) ? urlencode($_COOKIE["libreddit"])  : "\"$config->libreddit\""; ?>
+                            <?php echo isset($_COOKIE["proxitok"]) ? htmlspecialchars($_COOKIE["proxitok"])  : "\"$config->proxitok\""; ?>
                         >
                       </div>
 
                       <div>
                         <a for="wikiless" href="https://codeberg.org/orenom/wikiless" target="_blank">Wikiless</a>
                         <input type="text" name="wikiless" placeholder="Replace Wikipedia" value=
-                            <?php echo isset($_COOKIE["wikiless"]) ? urlencode($_COOKIE["wikiless"])  : "\"$config->wikiless\""; ?>
+                            <?php echo isset($_COOKIE["wikiless"]) ? htmlspecialchars($_COOKIE["wikiless"])  : "\"$config->wikiless\""; ?>
                         >
                       </div>
                 </div>
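Review bot: The cookie branch of each `value=` echo (all six inputs in this hunk) still prints its result without surrounding quotes, while only the `$config` fallback adds them, so the escaped cookie lands in an unquoted attribute. `htmlspecialchars()` does not encode whitespace (nor single quotes under the pre-8.1 default flags), so a cookie value containing a space ends the attribute and the rest is parsed as further attributes on the `<input>`. Emitting the quotes unconditionally and escaping both sources closes this, e.g. `<?php echo '"' . htmlspecialchars($_COOKIE["invidious"] ?? $config->invidious, ENT_QUOTES, 'UTF-8') . '"'; ?>`, repeated for each field. A one-line `<?php // cookie values are user-controlled: always quote and escape value= ?>` above the first input would help keep a later-added frontend from regressing.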