HTML escape substituted parameter values to avoid injection attacks.
[rails.git] / app / views / user / save.rhtml
1 blah
2
3 <%= @user.email %>