HTML escape at app/views/wiki/date_index.html.erb.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6389 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/views/wiki/date_index.html.erb b/app/views/wiki/date_index.html.erb
index a0327cf4cb66a605089c4538329448643ef9585c..e1d39baefb11552243985fdb8969759f1b83e32a 100644 (file)
--- a/app/views/wiki/date_index.html.erb
+++ b/app/views/wiki/date_index.html.erb
@@ -12,7 +12,7 @@
 <h3><%= format_date(date) %></h3>
 <ul>
 <% @pages_by_date[date].each do |page| %>
-    <li><%= link_to page.pretty_title, :action => 'show', :id => page.title, :project_id => page.project %></li>
+    <li><%= link_to h(page.pretty_title), :action => 'show', :id => page.title, :project_id => page.project %></li>
 <% end %>
 </ul>
 <% end %>