HTML escape substituted parameter values to avoid injection attacks.
[rails.git] / app / views / user / index.rhtml