authorUser <hukl@cccms.ccc.de>2010-12-29 17:06:40 +0100
committerUser <hukl@cccms.ccc.de>2010-12-29 17:06:40 +0100
commit91633ac4419d839661e35ae8f2efe5c9089cfb67 (patch)
treec02b410c767dd1adbba6dc65357a9b5fcd9556dd /app
parentb32bc556a464615bd0bf5b4411960df6b37a8928 (diff)
use sanitize instead of only html_escape!
Diffstat (limited to 'app')
-rw-r--r--app/views/search/index.html.erb4
1 files changed, 2 insertions, 2 deletions
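diff --git a/app/views/search/index.html.erb b/app/views/search/index.html.erb
index 9824b8f..ada6c61 100644
--- a/app/views/search/index.html.erb
+++ b/app/views/search/index.html.erb
@@ -1,5 +1,5 @@
 <% if params[:search_term] %>
- <h2>Suchergebnisse für Suchbegriff: <%=h params[:search_term] %></h2>
+ <h2>Suchergebnisse für Suchbegriff: <%=h sanitize(params[:search_term]) %></h2>
 <% end %>
 
 <%=
@@ -8,4 +8,4 @@
  :collection => @results,
  :as => :node
  )
-%>
\ No newline at end of file
+%>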
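Review bot: On the `<h2>` line, stacking `h` on top of `sanitize` makes the effective output encoding depend on what `sanitize` returns, which varies with the Rails version (not visible on this page). Where `sanitize` returns a plain string, `h` still escapes everything and the extra call only strips tags from the displayed term; where it returns an html_safe string, `h` becomes a no-op and any allow-listed tag supplied in `search_term` is rendered into the page. For a request parameter echoed into element text, escaping alone is the correct and sufficient control, so I would keep `<%=h params[:search_term] %>`. If stripping markup from the displayed term is intended, add a comment such as `<%# sanitize only strips tags for display; h is the XSS control and must stay outermost %>` and check the rendered source with a term like `<b>x</b>`.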