From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: Tue, 2 Aug 2011 12:54:18 +0000 (+0000)
Subject: HTML escape at app/views/attachments/_links.rhtml.
X-Git-Tag: 1.3.0~1585
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b94b7b9383e14130145fd3f755617163005db24c;p=redmine.git

HTML escape at app/views/attachments/_links.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6358 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/views/attachments/_links.rhtml b/app/views/attachments/_links.rhtml
index 19ab6734a..4f4e2d180 100644
--- a/app/views/attachments/_links.rhtml
+++ b/app/views/attachments/_links.rhtml
@@ -11,7 +11,7 @@
                                          :title => l(:button_delete) %>
   <% end %>
   <% if options[:author] %>
-    <span class="author"><%= attachment.author %>, <%= format_time(attachment.created_on) %></span>
+    <span class="author"><%= h(attachment.author) %>, <%= format_time(attachment.created_on) %></span>
   <% end %>
   </p>
 <% end %>