myexperiment-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[myexperiment-hackers] [2397] trunk/app/views/home/_latest_groups.rhtml:

From: noreply
Subject: [myexperiment-hackers] [2397] trunk/app/views/home/_latest_groups.rhtml: Protect display of groups from html injection vulnerability.
Date: Wed, 28 Apr 2010 11:55:25 -0400 (EDT)
Revision
2397
Author
dtm
Date
2010-04-28 11:55:24 -0400 (Wed, 28 Apr 2010)

Log Message

Protect display of groups from html injection vulnerability.

Modified Paths

Diff

Modified: trunk/app/views/home/_latest_groups.rhtml (2396 => 2397)


--- trunk/app/views/home/_latest_groups.rhtml	2010-04-28 13:40:27 UTC (rev 2396)
+++ trunk/app/views/home/_latest_groups.rhtml	2010-04-28 15:55:24 UTC (rev 2397)
@@ -12,7 +12,7 @@
 						<% if Authorization.is_authorized?("show", nil, g, current_user) %>
 							<li>
 								<%= icon('network', nil, nil, 'group icon', '') %>
-								<b><%= link_to g.title, group_path(g) %></b> 
+								<b><%= link_to h(g.title), group_path(g) %></b> 
 								by <b><%= contributor(g.user_id, 'User') %></b>
 								(<%= timeago_fuzzy g.created_at %>)
 							</li>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]