From abdf0fa21c1b9dd8d6025fc799208f3166f1c291 Mon Sep 17 00:00:00 2001
From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: Tue, 2 Aug 2011 13:21:50 +0000
Subject: [PATCH] HTML escape at app/views/wiki/annotate.rhtml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6395 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/views/wiki/annotate.rhtml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/wiki/annotate.rhtml b/app/views/wiki/annotate.rhtml
index 863865a26..71691adca 100644
--- a/app/views/wiki/annotate.rhtml
+++ b/app/views/wiki/annotate.rhtml
@@ -8,8 +8,8 @@
 <h2><%=h @page.pretty_title %></h2>
 
 <p>
-<%= l(:label_version) %> <%= link_to @annotate.content.version, :action => 'show', :id => @page.title, :version => @annotate.content.version %>
-<em>(<%= @annotate.content.author ? @annotate.content.author.name : "anonyme" %>, <%= format_time(@annotate.content.updated_on) %>)</em>
+<%= l(:label_version) %> <%= link_to h(@annotate.content.version), :action => 'show', :id => @page.title, :version => @annotate.content.version %>
+<em>(<%= h(@annotate.content.author ? @annotate.content.author.name : "anonyme") %>, <%= format_time(@annotate.content.updated_on) %>)</em>
 </p>
 
 <% colors = Hash.new {|k,v| k[v] = (k.size % 12) } %>