HTML escape at app/views/wikis/destroy.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6394 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Toshi MARUYAMA <marutosijp2@yahoo.co.jp> 2011-08-02 13:21:08 +0000
committer: Toshi MARUYAMA <marutosijp2@yahoo.co.jp> 2011-08-02 13:21:08 +0000
commit: fb04ab504acd61d0e7a958f3d0f19e296d442e37 (patch)
tree: 0768408355812b06d13a269abc6d5555eb4125ec /app
parent: 0c2958dbdac81970f32c1465f96d1d87925acd65 (diff)
download: redmine-fb04ab504acd61d0e7a958f3d0f19e296d442e37.tar.gz
redmine-fb04ab504acd61d0e7a958f3d0f19e296d442e37.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/wikis/destroy.rhtml b/app/views/wikis/destroy.rhtml
index b5b1de114..75c0eac24 100644
--- a/app/views/wikis/destroy.rhtml
+++ b/app/views/wikis/destroy.rhtml
@@ -1,7 +1,7 @@
 <h2><%=l(:label_confirmation)%></h2>
 
 <div class="box"><center>
-<p><strong><%= @project.name %></strong><br /><%=l(:text_wiki_destroy_confirmation)%></p>
+<p><strong><%= h(@project.name) %></strong><br /><%=l(:text_wiki_destroy_confirmation)%></p>
 
 <% form_tag({:controller => 'wikis', :action => 'destroy', :id => @project}) do %>
 <%= hidden_field_tag "confirm", 1 %>
author	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>	2011-08-02 13:21:08 +0000
committer	Toshi MARUYAMA <marutosijp2@yahoo.co.jp>	2011-08-02 13:21:08 +0000
commit	fb04ab504acd61d0e7a958f3d0f19e296d442e37 (patch)
tree	0768408355812b06d13a269abc6d5555eb4125ec /app
parent	0c2958dbdac81970f32c1465f96d1d87925acd65 (diff)
download	redmine-fb04ab504acd61d0e7a958f3d0f19e296d442e37.tar.gz redmine-fb04ab504acd61d0e7a958f3d0f19e296d442e37.zip