From: Jean-Philippe Lang Date: Fri, 27 Mar 2009 18:27:06 +0000 (+0000) Subject: Escape member name. X-Git-Tag: 0.9.0~546 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3557e767e0b0c1e9fd7f97414a92f3d9dc00d98e;p=redmine.git Escape member name. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2636 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/app/views/projects/settings/_members.rhtml b/app/views/projects/settings/_members.rhtml index 79ddeded5..f70cef5a8 100644 --- a/app/views/projects/settings/_members.rhtml +++ b/app/views/projects/settings/_members.rhtml @@ -17,7 +17,7 @@ <% members.each do |member| %> <% next if member.new_record? %> - <%= member.name %> + <%=h member.name %> <% if authorize_for('members', 'edit') %> <% remote_form_for(:member, member, :url => {:controller => 'members', :action => 'edit', :id => member}, :method => :post) do |f| %>