diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-03-24 20:26:22 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2010-03-24 20:26:22 +0000 |
| commit | 8cdcf308bef6a2ad9ee4fcf60ae9d716f6c562e8 (patch) | |
| tree | 0eb31156bc692f172ed19595b02e73c1e17ebb7b /lib/redcloth3.rb | |
| parent | 84dfff5957d4486258a1e4a30b9a72933278c1df (diff) | |
| download | redmine-8cdcf308bef6a2ad9ee4fcf60ae9d716f6c562e8.tar.gz redmine-8cdcf308bef6a2ad9ee4fcf60ae9d716f6c562e8.zip | |
Escape href attribute in auto links (#5179).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3612 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'lib/redcloth3.rb')
| -rw-r--r-- | lib/redcloth3.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/redcloth3.rb b/lib/redcloth3.rb index 045d44f5d..fa48b2db9 100644 --- a/lib/redcloth3.rb +++ b/lib/redcloth3.rb @@ -825,7 +825,7 @@ class RedCloth3 < String post = ")"+post # add closing parenth to post end atts = pba( atts ) - atts = " href=\"#{ url }#{ slash }\"#{ atts }" + atts = " href=\"#{ htmlesc url }#{ slash }\"#{ atts }" atts << " title=\"#{ htmlesc title }\"" if title atts = shelve( atts ) if atts |