From fb8f3a7ada2b5e47f213356c6bf17d89caaa9c1f Mon Sep 17 00:00:00 2001
From: Toshi MARUYAMA <marutosijp2@yahoo.co.jp>
Date: Tue, 2 Aug 2011 12:52:36 +0000
Subject: [PATCH] HTML escape at app/helpers/timelog_helper.rb.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6356 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/helpers/timelog_helper.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/helpers/timelog_helper.rb b/app/helpers/timelog_helper.rb
index d314a96f4..df3cf79b9 100644
--- a/app/helpers/timelog_helper.rb
+++ b/app/helpers/timelog_helper.rb
@@ -129,7 +129,7 @@ module TimelogHelper
     elsif k = @available_criterias[criteria][:klass]
       obj = k.find_by_id(value.to_i)
       if obj.is_a?(Issue)
-        obj.visible? ? "#{obj.tracker} ##{obj.id}: #{obj.subject}" : "##{obj.id}"
+        obj.visible? ? h("#{obj.tracker} ##{obj.id}: #{obj.subject}") : h("##{obj.id}")
       else
         obj
       end