From: Tom Hughes <tom@compton.nu>
Date: Mon, 7 Jul 2008 08:06:56 +0000 (+0000)
Subject: Sanitize user descriptions properly.
X-Git-Tag: live~7764
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/9c580277efbafe68e31d675e0b2f71e100665783

Sanitize user descriptions properly.
---

diff --git a/app/views/user/view.rhtml b/app/views/user/view.rhtml
index f27ce6f0a..c5fc6388d 100644
--- a/app/views/user/view.rhtml
+++ b/app/views/user/view.rhtml
@@ -33,7 +33,7 @@
 <% end %>
 
 <h3>Description</h3>
-<div id="description"><%= simple_format(@this_user.description) %></div>
+<div id="description"><%= htmlize(@this_user.description) %></div>
 
 <% if @this_user.home_lat.nil? or @this_user.home_lon.nil? %>
 <h3>User location</h3>