ref: refs/heads/master commit cf369fd83d97baffe3f465a91736a3bff5ef3e80 Author: Josef Reidinger Date: Wed Nov 4 12:50:33 2009 +0100 prevent HTML injection on host name --- webclient/app/views/hosts/index.html.erb | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/webclient/app/views/hosts/index.html.erb b/webclient/app/views/hosts/index.html.erb index d603d31..52df0f2 100644 --- a/webclient/app/views/hosts/index.html.erb +++ b/webclient/app/views/hosts/index.html.erb @@ -9,7 +9,7 @@ <li> <ul> <li> - <strong><%= link_to host.name, new_session_path(:hostid => "#{host.id}") %></strong> + <strong><%= link_to h(host.name), new_session_path(:hostid => "#{host.id}") %></strong> </li> <li> <span class="li-url"><%=h host.url %></span> @@ -39,4 +39,4 @@ --> </div> </div> -<!--host list --> \ No newline at end of file +<!--host list --> -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org