Since search_autocomplete_source is rendered with raw, all human input should be sanitized to prevent XSS.
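The following is an added example, not code from the original change: it shows why a value emitted with `raw` needs its user-supplied parts escaped first. The names `autocomplete_source`, `render_raw`, `markup_survives?` and the `PROJECTS` data are hypothetical stand-ins; the real helper's body is not shown on this page.

```ruby
require 'erb'
require 'json'

# Hypothetical stand-in for a helper such as search_autocomplete_source:
# builds the JSON list an autocomplete widget consumes.
# Project names are user-controlled input.
def autocomplete_source(projects, sanitize:)
  entries = projects.map do |project|
    name  = project[:name]
    label = sanitize ? ERB::Util.html_escape(name) : name
    { label: label, url: "/projects/#{project[:id]}" }
  end
  JSON.generate(entries)
end

# Mimics a template that outputs the helper result with `raw`,
# meaning the template layer applies no escaping of its own.
def render_raw(source_json)
  "<script>var autocompleteSource = #{source_json};</script>"
end

# True when user-supplied markup reaches the page unescaped: either the
# injected tag is present or an extra closing script tag appears.
def markup_survives?(html)
  html.include?('<b>') || html.scan('</script>').length > 1
end

# Constructed sample data: one plain name, one containing markup.
PROJECTS = [
  { id: 1, name: 'website' },
  { id: 2, name: '</script><b>injected</b>' }
].freeze

if __FILE__ == $PROGRAM_NAME
  unsafe = render_raw(autocomplete_source(PROJECTS, sanitize: false))
  safe   = render_raw(autocomplete_source(PROJECTS, sanitize: true))
  puts "unsanitized: markup survives = #{markup_survives?(unsafe)}"
  puts "sanitized:   markup survives = #{markup_survives?(safe)}"
end
```
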