diff options
| author | Marius Balteanu <marius.balteanu@zitec.com> | 2022-10-04 18:58:37 +0000 |
|---|---|---|
| committer | Marius Balteanu <marius.balteanu@zitec.com> | 2022-10-04 18:58:37 +0000 |
| commit | ba635eace99f8552c3364d6b86b07043147c2dac (patch) | |
| tree | 1b8157830f61c8c7925a895078e55804ba30c86d /lib | |
| parent | 0ab2bb8647a08b381ed2eb94f6763aa0ad71668f (diff) | |
| download | redmine-ba635eace99f8552c3364d6b86b07043147c2dac.tar.gz redmine-ba635eace99f8552c3364d6b86b07043147c2dac.zip | |
Escape blockquote citation in textile formatting (#37751).
Patch by Jens Krämer.
git-svn-id: https://svn.redmine.org/redmine/trunk@21894 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/redmine/wiki_formatting/textile/redcloth3.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/redmine/wiki_formatting/textile/redcloth3.rb b/lib/redmine/wiki_formatting/textile/redcloth3.rb index dbb919ff1..b935db6b9 100644 --- a/lib/redmine/wiki_formatting/textile/redcloth3.rb +++ b/lib/redmine/wiki_formatting/textile/redcloth3.rb @@ -691,7 +691,7 @@ class RedCloth3 < String def textile_bq( tag, atts, cite, content ) cite, cite_title = check_refs( cite ) - cite = " cite=\"#{cite}\"" if cite + cite = " cite=\"#{htmlesc cite.dup}\"" if cite atts = shelve( atts ) if atts "\t<blockquote#{cite}>\n\t\t<p#{atts}>#{content}</p>\n\t</blockquote>" end |