From: Etienne Massip Date: Tue, 4 Oct 2011 19:29:00 +0000 (+0000) Subject: Merged r7570 from trunk (#9245). X-Git-Tag: 1.2.2~24 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=0ef89ee4eaacb419f18a28ad8cdc0f6483054abf;p=redmine.git Merged r7570 from trunk (#9245). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/1.2-stable@7578 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/lib/redcloth3.rb b/lib/redcloth3.rb index f4c624437..8a33943dc 100644 --- a/lib/redcloth3.rb +++ b/lib/redcloth3.rb @@ -938,7 +938,7 @@ class RedCloth3 < String stln,algn,atts,url,title,href,href_a1,href_a2 = $~[1..8] htmlesc title atts = pba( atts ) - atts = " src=\"#{ url }\"#{ atts }" + atts = " src=\"#{ htmlesc url.dup }\"#{ atts }" atts << " title=\"#{ title }\"" if title atts << " alt=\"#{ title }\"" # size = @getimagesize($url);