From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: Tue, 2 Aug 2011 12:50:09 +0000 (+0000)
Subject: HTML escape at app/helpers/queries_helper.rb.
X-Git-Tag: 1.3.0~1590
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=79ff599223e78dc41eb6e48fad482a1cd11b8c19;p=redmine.git

HTML escape at app/helpers/queries_helper.rb.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6353 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/helpers/queries_helper.rb b/app/helpers/queries_helper.rb
index e65e957b6..249c4d0ea 100644
--- a/app/helpers/queries_helper.rb
+++ b/app/helpers/queries_helper.rb
@@ -45,7 +45,7 @@ module QueriesHelper
       if column.name == :done_ratio
         progress_bar(value, :width => '80px')
       else
-        value.to_s
+        h(value.to_s)
       end
     when 'User'
       link_to_user value