HTML escape at app/views/repositories/diff.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6383 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/views/repositories/diff.rhtml b/app/views/repositories/diff.rhtml
index efb84a44d20810d0bf30b05892c0758ae7f22994..cb868665a69e06bc352b22b9fa66da9d8b7566ba 100644 (file)
--- a/app/views/repositories/diff.rhtml
+++ b/app/views/repositories/diff.rhtml
@@ -16,7 +16,7 @@
        <%= f.link_to 'Diff', :url => params, :caption => 'Unified diff' %>
 <% end %>
 
-<% html_title(with_leading_slash(@path), 'Diff') -%>
+<% html_title(h(with_leading_slash(@path)), 'Diff') -%>
 
 <% content_for :header_tags do %>
 <%= stylesheet_link_tag "scm" %>