SONAR-3406 Missing HTML escape in 'Edit rule' page in Quality profiles for rule parameters

author: Simon Brandhof <simon.brandhof@gmail.com> 2012-04-26 22:20:59 +0200
committer: Simon Brandhof <simon.brandhof@gmail.com> 2012-04-26 22:21:14 +0200
commit: 4b262d15878b31c6c2c7efd8236fb5c65093ba11 (patch)
tree: 78a1e0839f924e1bc7b50b376f32b36ef40f3801
parent: 6fbe83c06b8449b7835f804065c9327c05d71994 (diff)
download: sonarqube-4b262d15878b31c6c2c7efd8236fb5c65093ba11.tar.gz
sonarqube-4b262d15878b31c6c2c7efd8236fb5c65093ba11.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/edit.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/edit.html.erb
index b80e0565774..63990f20cd0 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/edit.html.erb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/edit.html.erb
@@ -44,7 +44,7 @@
       <td width="1%" nowrap><%= parameter.name %>:</td>
       <td class="sep"> </td>
       <td>
-        <input type="text" name="rule_param[<%= parameter.name -%>]" value="<%= parameter.default_value -%>"></input>
+        <input type="text" name="rule_param[<%= u parameter.name -%>]" value="<%= h parameter.default_value -%>"></input>
         <span class="small"><%= parameter.description %></span>
       </td>
     </tr>
author	Simon Brandhof <simon.brandhof@gmail.com>	2012-04-26 22:20:59 +0200
committer	Simon Brandhof <simon.brandhof@gmail.com>	2012-04-26 22:21:14 +0200
commit	4b262d15878b31c6c2c7efd8236fb5c65093ba11 (patch)
tree	78a1e0839f924e1bc7b50b376f32b36ef40f3801
parent	6fbe83c06b8449b7835f804065c9327c05d71994 (diff)
download	sonarqube-4b262d15878b31c6c2c7efd8236fb5c65093ba11.tar.gz sonarqube-4b262d15878b31c6c2c7efd8236fb5c65093ba11.zip