From 71d089c83329a0dcaad650f3a97b8d5262db1dd8 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Thu, 14 Feb 2008 21:17:28 +0000 Subject: [PATCH] Escape titles in activity view. git-svn-id: http://redmine.rubyforge.org/svn/trunk@1145 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/views/projects/activity.rhtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/projects/activity.rhtml b/app/views/projects/activity.rhtml index bde80655..12139c2e 100644 --- a/app/views/projects/activity.rhtml +++ b/app/views/projects/activity.rhtml @@ -6,7 +6,7 @@
<% @events_by_day[day].sort {|x,y| y.event_datetime <=> x.event_datetime }.each do |e| -%>
<%= format_time(e.event_datetime, false) %> - <%= link_to truncate(e.event_title, 100), e.event_url %>
+ <%= link_to h(truncate(e.event_title, 100)), e.event_url %>
<% unless e.event_description.blank? -%> <%= format_activity_description(e.event_description) %>
<% end %>