diff options
| author | Toshi MARUYAMA <marutosijp2@yahoo.co.jp> | 2011-07-29 23:20:36 +0000 |
|---|---|---|
| committer | Toshi MARUYAMA <marutosijp2@yahoo.co.jp> | 2011-07-29 23:20:36 +0000 |
| commit | 12785890180a9ee3e3cc88223615ccff2d966c42 (patch) | |
| tree | a7ce7ae8a718616ed1c33a85fbf028d1c0c5b476 /app/views/issues | |
| parent | 1317b99c3d0b8cb2ae0cd163cd8232261689db11 (diff) | |
| download | redmine-12785890180a9ee3e3cc88223615ccff2d966c42.tar.gz redmine-12785890180a9ee3e3cc88223615ccff2d966c42.zip | |
html_escape issue fields
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6326 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/views/issues')
| -rw-r--r-- | app/views/issues/show.rhtml | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/app/views/issues/show.rhtml b/app/views/issues/show.rhtml index 9cdf3f64f..1f074e20c 100644 --- a/app/views/issues/show.rhtml +++ b/app/views/issues/show.rhtml @@ -17,11 +17,11 @@ <table class="attributes"> <tr> - <th class="status"><%=l(:field_status)%>:</th><td class="status"><%= @issue.status.name %></td> + <th class="status"><%=l(:field_status)%>:</th><td class="status"><%= h(@issue.status.name) %></td> <th class="start-date"><%=l(:field_start_date)%>:</th><td class="start-date"><%= format_date(@issue.start_date) %></td> </tr> <tr> - <th class="priority"><%=l(:field_priority)%>:</th><td class="priority"><%= @issue.priority.name %></td> + <th class="priority"><%=l(:field_priority)%>:</th><td class="priority"><%= h(@issue.priority.name) %></td> <th class="due-date"><%=l(:field_due_date)%>:</th><td class="due-date"><%= format_date(@issue.due_date) %></td> </tr> <tr> @@ -29,7 +29,7 @@ <th class="progress"><%=l(:field_done_ratio)%>:</th><td class="progress"><%= progress_bar @issue.done_ratio, :width => '80px', :legend => "#{@issue.done_ratio}%" %></td> </tr> <tr> - <th class="category"><%=l(:field_category)%>:</th><td class="category"><%=h @issue.category ? @issue.category.name : "-" %></td> + <th class="category"><%=l(:field_category)%>:</th><td class="category"><%=h(@issue.category ? @issue.category.name : "-") %></td> <% if User.current.allowed_to?(:view_time_entries, @project) %> <th class="spent-time"><%=l(:label_spent_time)%>:</th> <td class="spent-time"><%= @issue.spent_hours > 0 ? (link_to l_hours(@issue.spent_hours), {:controller => 'timelog', :action => 'index', :project_id => @project, :issue_id => @issue}) : "-" %></td> |