Fix two XSS injectionsHEAD master

The EmailAddress problem was submitted upstream to hobo.
author: Petteri Räty <betelgeuse@gentoo.org> 2011-08-02 23:32:04 +0300
committer: Petteri Räty <betelgeuse@gentoo.org> 2011-08-02 23:32:24 +0300
commit: cf450f1e4f5f2317e64291487bfccd89a2b243bf (patch)
tree: 6f5c27d827a49d61e8158ba3dd48f438cc10ad66 /app
parent: Don't show wrong unanswered questions count (diff)
download: recruiting-webapp-master.tar.gz
recruiting-webapp-master.tar.bz2
recruiting-webapp-master.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/taglibs/views.dryml b/app/views/taglibs/views.dryml
index c4bcd89..c5be181 100644
--- a/app/views/taglibs/views.dryml
+++ b/app/views/taglibs/views.dryml
@@ -10,7 +10,7 @@
   <%= this.content.to_html %>
   <ul>
     <repeat:options>
-      <li><%=this.content%></li>
+      <li><%= h this.content%></li>
     </repeat>
   </ul>
 </def>
author	Petteri Räty <betelgeuse@gentoo.org>	2011-08-02 23:32:04 +0300
committer	Petteri Räty <betelgeuse@gentoo.org>	2011-08-02 23:32:24 +0300
commit	cf450f1e4f5f2317e64291487bfccd89a2b243bf (patch)
tree	6f5c27d827a49d61e8158ba3dd48f438cc10ad66 /app
parent	Don't show wrong unanswered questions count (diff)
download	recruiting-webapp-master.tar.gz recruiting-webapp-master.tar.bz2 recruiting-webapp-master.zip