Escape textarea content when editing a issue note.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2143 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2008-12-19 08:10:35 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2008-12-19 08:10:35 +0000
commit: 3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4 (patch)
tree: 067a8cd946bab19cdab1d2aa0a7a95b03d01d39f /app/views/journals
parent: 22b4005fd35dd2cd4e8f73a40a71d917d7ff6496 (diff)
download: redmine-3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4.tar.gz
redmine-3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/app/views/journals/_notes_form.rhtml b/app/views/journals/_notes_form.rhtml
index 94c710ebd..6e6ad0f88 100644
--- a/app/views/journals/_notes_form.rhtml
+++ b/app/views/journals/_notes_form.rhtml
@@ -1,6 +1,6 @@
 <% form_remote_tag(:url => {}, :html => { :id => "journal-#{@journal.id}-form" }) do %>
-    <%= text_area_tag :notes, @journal.notes, :class => 'wiki-edit', 
-                                              :rows => (@journal.notes.blank? ? 10 : [[10, @journal.notes.length / 50].max, 100].min) %>
+    <%= text_area_tag :notes, h(@journal.notes), :class => 'wiki-edit', 
+                                                 :rows => (@journal.notes.blank? ? 10 : [[10, @journal.notes.length / 50].max, 100].min) %>
     <%= call_hook(:view_journals_notes_form_after_notes, { :journal => @journal}) %>
     <p><%= submit_tag l(:button_save) %>
     <%= link_to l(:button_cancel), '#', :onclick => "Element.remove('journal-#{@journal.id}-form'); " +
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2008-12-19 08:10:35 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2008-12-19 08:10:35 +0000
commit	3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4 (patch)
tree	067a8cd946bab19cdab1d2aa0a7a95b03d01d39f /app/views/journals
parent	22b4005fd35dd2cd4e8f73a40a71d917d7ff6496 (diff)
download	redmine-3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4.tar.gz redmine-3ce1be14f7db2fcf6a2654a3ed5fe5c118119ec4.zip