Escape tag values - there is no reason at all to render things which

might look like HTML tags in a tag value.
Tom Hughes 2009-09-14 23:17:02 +00:00
parent 253e8a272d
commit 9200520395
2 changed files with 2 additions and 2 deletions


@ -68,7 +68,7 @@ atom_feed(:language => I18n.locale, :schema_date => 2009,
td.table :cellpadding => "0" do |table|
changeset.tags.sort.each do |tag|
table.tr do |tr|
tr.td "#{h(tag[0])} = #{sanitize(tag[1])}"
tr.td "#{h(tag[0])} = #{auto_link(h(tag[1]))}"
end
end
end
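Review bot: The new line `tr.td "#{h(tag[0])} = #{auto_link(h(tag[1]))}"` depends on `h` running before `auto_link`, and nothing in the hunk records that; a comment such as `# tag values are user-supplied: escape first, then linkify the escaped text` would keep a later edit from swapping the order or dropping the `h`. The string is passed as the text argument of `tr.td`, which looks like an XML builder node inside `atom_feed`, so the builder may escape it a second time. It is worth checking the rendered feed for double-escaped entities and for the `<a>` markup from `auto_link` appearing as literal text. A feed test with a tag value holding markup-like text and a URL containing `&` would pin both behaviours. The enclosing `atom_feed` block starts and ends outside the hunk.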