Don't double-escape query params
Any value returned by req.FormValue has already been unescaped. There's no need for a second layer of escaping.
Any value returned by req.FormValue has already been unescaped. There's no need for a second layer of escaping.