From: Toshi MARUYAMA Date: Tue, 2 Aug 2011 12:54:18 +0000 (+0000) Subject: HTML escape at app/views/attachments/_links.rhtml. X-Git-Tag: 1.3.0~1585 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b94b7b9383e14130145fd3f755617163005db24c;p=redmine.git HTML escape at app/views/attachments/_links.rhtml. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6358 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/app/views/attachments/_links.rhtml b/app/views/attachments/_links.rhtml index 19ab6734a..4f4e2d180 100644 --- a/app/views/attachments/_links.rhtml +++ b/app/views/attachments/_links.rhtml @@ -11,7 +11,7 @@ :title => l(:button_delete) %> <% end %> <% if options[:author] %> - <%= attachment.author %>, <%= format_time(attachment.created_on) %> + <%= h(attachment.author) %>, <%= format_time(attachment.created_on) %> <% end %>

<% end %>