]> git.openstreetmap.org Git - rails.git/commitdiff
projects / rails.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: 9f909d7)
Add a few more escape calls to prevent nasty HTML being rendered. Also
authorTom Hughes <tom@compton.nu>
Tue, 15 Jan 2008 18:22:08 +0000 (18:22 +0000)
committerTom Hughes <tom@compton.nu>
Tue, 15 Jan 2008 18:22:08 +0000 (18:22 +0000)
switch to using sanitize() instead of h() to escape message bodies. This
is not quite as safe as there is no guarantee that the HTML scanner it
uses will find everything, but is does allow benign HTML tags to be
displayed again.


No differences found
The OpenStreetMap web site