More escaping.
authorTom Hughes <tom@compton.nu>
Tue, 4 Mar 2008 17:53:36 +0000 (17:53 +0000)
committerTom Hughes <tom@compton.nu>
Tue, 4 Mar 2008 17:53:36 +0000 (17:53 +0000)
app/views/diary_entry/list.rhtml

index b5480757860d6a464df121ac095b5c8ad208a79d..dd90de1697f70bc723265ba4ee313af1785224a8 100644 (file)
@@ -1,4 +1,4 @@
-<h2><%= @title %></h2>
+<h2><%= h(@title) %></h2>
 
 <% if @this_user && @this_user.image %>
  <%= image_tag url_for_file_column(@this_user, "image") %>
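Review bot: The `h()` added on the `<h2>` line escapes only this one rendering of `@title`; the rest of list.rhtml is outside the hunk, so any other `<%= ... %>` there that prints diary or user fields needs the same check. Rails of this vintage does not escape `<%= %>` output by default, so every call site has to carry its own `h()`, and one is easily missed when the template is next edited. An ERB comment above the heading, such as `<%# @title may contain user-supplied text; keep the h() %>`, would record why the escape is there; the diff does not show where `@title` is built, so confirm that in the controller. The `if @this_user` block opens inside the hunk and closes outside it.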