HTML escape at app/views/news/show.rhtml.

author Toshi MARUYAMA <marutosijp2@yahoo.co.jp>

Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)

committer Toshi MARUYAMA <marutosijp2@yahoo.co.jp>

Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)
author Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)
committer Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)
diff --git a/app/views/news/show.rhtml b/app/views/news/show.rhtml

index 28db44e96460edac9c8228d3b9166b2c4ef5db2c..ea630779cb4b65f2f83e8fef54e6b39fd7bed89d 100644 (file)
--- a/app/views/news/show.rhtml
+++ b/app/views/news/show.rhtml
@@ -63,7 +63,7 @@
  <% end %>
  <% end %>
  
-<% html_title @news.title -%>
+<% html_title h(@news.title) -%>
  
  <% content_for :header_tags do %>
    <%= stylesheet_link_tag 'scm' %>
author	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
	Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)
committer	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
	Tue, 2 Aug 2011 13:10:19 +0000 (13:10 +0000)