From a1847bc4e60c3c83f870816293d9b04472348a6f Mon Sep 17 00:00:00 2001 From: Toshi MARUYAMA Date: Tue, 2 Aug 2011 13:19:45 +0000 Subject: [PATCH] HTML escape at app/views/wiki/history.rhtml. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6392 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/views/wiki/history.rhtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/wiki/history.rhtml b/app/views/wiki/history.rhtml index 73d30569a..4481e8634 100644 --- a/app/views/wiki/history.rhtml +++ b/app/views/wiki/history.rhtml @@ -20,7 +20,7 @@ <% line_num = 1 %> <% @versions.each do |ver| %> "> - <%= link_to ver.version, :action => 'show', :id => @page.title, :project_id => @page.project, :version => ver.version %> + <%= link_to h(ver.version), :action => 'show', :id => @page.title, :project_id => @page.project, :version => ver.version %> <%= radio_button_tag('version', ver.version, (line_num==1), :id => "cb-#{line_num}", :onclick => "$('cbto-#{line_num+1}').checked=true;") if show_diff && (line_num < @versions.size) %> <%= radio_button_tag('version_from', ver.version, (line_num==2), :id => "cbto-#{line_num}") if show_diff && (line_num > 1) %> <%= format_time(ver.updated_on) %>