LibWeb: Properly escape URL on error page

Author: https://github.com/Psychpsyo 🔰
Commit: https://github.com/LadybirdBrowser/ladybird/commit/e8c228fb93d
Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2403

Libraries/LibWeb/Loader/GeneratedPagesLoader.cpp

@@ -33,7 +33,7 @@ ErrorOr<String> load_error_page(URL::URL const& url, StringView error_message)
     auto template_file = TRY(Core::Resource::load_from_uri("resource://ladybird/templates/error.html"sv));
     StringBuilder builder;
     SourceGenerator generator { builder, '%', '%' };
-    generator.set("failed_url", url.to_byte_string());
+    generator.set("failed_url", escape_html_entities(url.to_byte_string()));
     generator.set("error_message", escape_html_entities(error_message));
     generator.append(template_file->data());
     return TRY(String::from_utf8(generator.as_string_view()));