From: Tom Hughes <tom@compton.nu>
Date: Wed, 21 Apr 2010 23:43:31 +0000 (+0100)
Subject: Case #2908: Escape user name in user not found error
X-Git-Tag: live~6339^2~7
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/3008963a4ba857efb808fa1d0a02cbac992a412c?ds=inline

Case #2908: Escape user name in user not found error
---

diff --git a/app/views/user/no_such_user.html.erb b/app/views/user/no_such_user.html.erb
index 585d29d8c..8507f5abb 100644
--- a/app/views/user/no_such_user.html.erb
+++ b/app/views/user/no_such_user.html.erb
@@ -1,2 +1,2 @@
-<h2><%= t 'user.no_such_user.heading', :user => @not_found_user %></h2>
-<p><%= t 'user.no_such_user.body', :user => @not_found_user %></p>
+<h2><%= t 'user.no_such_user.heading', :user => h(@not_found_user) %></h2>
+<p><%= t 'user.no_such_user.body', :user => h(@not_found_user) %></p>