sanitizeHTML() has to be called later to keep the path unchanged

2 files changed, 3 insertions, 3 deletions

diff --git a/apps/gallery/index.php b/apps/gallery/index.php
index 52a5b81a23a..b8aadacb47f 100644
--- a/apps/gallery/index.php
+++ b/apps/gallery/index.php
@@ -94,7 +94,7 @@ for($i = 0; $i<count($root_images); $i++) {
 }
 
 $tmpl = new OCP\Template( 'gallery', 'index', 'user' );
-$tmpl->assign('root', $root);
+$tmpl->assign('root', $root, false);
 $tmpl->assign('tl', $tl, false);
 $tmpl->printPage();
 ?>
diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php
index c3b4a178545..c90932cefd0 100644
--- a/apps/gallery/templates/index.php
+++ b/apps/gallery/templates/index.php
@@ -1,6 +1,6 @@
 <script type="text/javascript">
 
-var root = "<?php echo OCP\Util::sanitizeHTML($_['root']); ?>";
+var root = "<?php echo $_['root']; ?>";
 
 $(document).ready(function() {
 		$("a[rel=images]").fancybox({
@@ -18,7 +18,7 @@ $(document).ready(function() {
 		for ($i = 0; $i < count($paths); $i++) {
 			$path .= urlencode($paths[$i]).'/';
 			$classess = 'crumb'.($i == count($paths)-1?' last':'');
-			echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.$paths[$i].'</a></div>';
+			echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.OCP\Util::sanitizeHTML($paths[$i]).'</a></div>';
 		}
 	}