| author | User <hukl@cccms.ccc.de> | 2010-12-29 17:06:40 +0100 |
|---|---|---|
| committer | User <hukl@cccms.ccc.de> | 2010-12-29 17:06:40 +0100 |
| commit | 91633ac4419d839661e35ae8f2efe5c9089cfb67 (patch) | |
| tree | c02b410c767dd1adbba6dc65357a9b5fcd9556dd /app/views | |
| parent | b32bc556a464615bd0bf5b4411960df6b37a8928 (diff) | |
use sanitize instead of only html_escape!
Diffstat (limited to 'app/views')
| -rw-r--r-- | app/views/search/index.html.erb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/views/search/index.html.erb b/app/views/search/index.html.erb index 9824b8f..ada6c61 100644 --- a/app/views/search/index.html.erb +++ b/app/views/search/index.html.erb | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | <% if params[:search_term] %> | 1 | <% if params[:search_term] %> |
| 2 | <h2>Suchergebnisse für Suchbegriff: <%=h params[:search_term] %></h2> | 2 | <h2>Suchergebnisse für Suchbegriff: <%=h sanitize(params[:search_term]) %></h2> |
| 3 | <% end %> | 3 | <% end %> |
| 4 | 4 | ||
| 5 | <%= | 5 | <%= |
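Review bot: on line 2 of the new file, `h sanitize(params[:search_term])` stacks two different defences, and the outcome depends on which one takes effect. `h` alone already escapes the term for this text context inside the `<h2>`. `sanitize` instead removes disallowed markup and keeps its allowlisted tags; on Rails versions where `sanitize` returns an html_safe string, `h` passes it through unchanged, so allowlisted tags in the search term would render as markup instead of being shown as text. If the heading should show what the user typed, keep `<%=h params[:search_term] %>`; if tags should be dropped from the display, `strip_tags` followed by escaping states that intent more clearly. The commit message does not say which input `h` failed to handle, so please name it there or add a view test with that input so the fix can be verified.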
| @@ -8,4 +8,4 @@ | |||
| 8 | :collection => @results, | 8 | :collection => @results, |
| 9 | :as => :node | 9 | :as => :node |
| 10 | ) | 10 | ) |
| 11 | %> \ No newline at end of file | 11 | %> |
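Review bot: the only change in this hunk is the newline added at end of file after `%>` on line 11, which is unrelated to the sanitize change. It is harmless, but mention it in the commit message or split it into its own commit so the security-relevant change stays a one-line diff that is easy to audit and backport.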
