From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: Tue, 2 Aug 2011 13:11:38 +0000 (+0000)
Subject: HTML escape at app/views/queries/index.rhtml.
X-Git-Tag: 1.3.0~1562
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7e006b8500083c1d41adb9de1e157625366829a7;p=redmine.git

HTML escape at app/views/queries/index.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6381 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/views/queries/index.rhtml b/app/views/queries/index.rhtml
index 1c608b8ac..aa2a94a84 100644
--- a/app/views/queries/index.rhtml
+++ b/app/views/queries/index.rhtml
@@ -11,7 +11,7 @@
   <% @queries.each do |query| %>
     <tr class="<%= cycle('odd', 'even') %>">
       <td>
-        <%= link_to query.name, :controller => 'issues', :action => 'index', :project_id => @project, :query_id => query %>
+        <%= link_to h(query.name), :controller => 'issues', :action => 'index', :project_id => @project, :query_id => query %>
       </td>
       <td align="right">
         <small>