HTML escape at app/views/wiki/diff.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6397 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/views/wiki/diff.rhtml b/app/views/wiki/diff.rhtml
index 8a000daa998fc8816d8487423b940b909341f7d5..c77f521c7d26e6ef4a70f9595ab3c095174d487e 100644 (file)
--- a/app/views/wiki/diff.rhtml
+++ b/app/views/wiki/diff.rhtml
@@ -4,7 +4,7 @@
 
 <%= wiki_page_breadcrumb(@page) %>
 
-<h2><%=h @page.pretty_title %></h2>
+<h2><%=h h(@page.pretty_title) %></h2>
 
 <p>
 <%= l(:label_version) %> <%= link_to @diff.content_from.version, :action => 'show', :id => @page.title, :project_id => @page.project, :version => @diff.content_from.version %>