HTML escape at app/helpers/queries_helper.rb.

author Toshi MARUYAMA <marutosijp2@yahoo.co.jp>

Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)

committer Toshi MARUYAMA <marutosijp2@yahoo.co.jp>

Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)
author Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)
committer Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)
diff --git a/app/helpers/queries_helper.rb b/app/helpers/queries_helper.rb

index e65e957b68d9ca3e7293aea683ed0f1fb553f15b..249c4d0ea455dd6c75c6c6a24d0ac382c9c67e44 100644 (file)
--- a/app/helpers/queries_helper.rb
+++ b/app/helpers/queries_helper.rb
@@ -45,7 +45,7 @@ module QueriesHelper
        if column.name == :done_ratio
          progress_bar(value, :width => '80px')
        else
-        value.to_s
+        h(value.to_s)
        end
      when 'User'
        link_to_user value
author	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
	Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)
committer	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
	Tue, 2 Aug 2011 12:50:09 +0000 (12:50 +0000)