Skip to content
Snippets Groups Projects
Commit 315ec5f6 authored by Eric Davis's avatar Eric Davis
Browse files

HTML escape some user values

parent e9c542d7
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/views/my/_sidebar.rhtml
+ 2
2
View file @ 315ec5f6
<h3><%=l(:label_my_account)%></h3>
<p><%=l(:field_login)%>: <strong><%= link_to @user.login, user_path(@user) %></strong><br />
<p><%=l(:field_login)%>: <strong><%= link_to(h(@user.login), user_path(@user) %></strong><br />
<%=l(:field_created_on)%>: <%= format_time(@user.created_on) %></p>
......@@ -19,7 +19,7 @@
<h4><%= l(:label_api_access_key) %></h4>
<div>
<%= link_to_function(l(:button_show), "$('api-access-key').toggle();")%>
<pre id='api-access-key' class='autoscroll'><%= @user.api_key %></pre>
<pre id='api-access-key' class='autoscroll'><%= h(@user.api_key) %></pre>
</div>
<%= javascript_tag("$('api-access-key').hide();") %>
<p>
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment