Commit e3a72791eaee77fe360b39a599e3eeaf4dcfcec6 to auser's merb-core

auser / merb-core

Fork of wycats/merb-core
Description:	Merb Core: All you need. None you don't.
Homepage:	http://www.merbivore.com
Clone URL:	git://github.com/auser/merb-core.git Give this clone URL to anyone. `git clone git://github.com/auser/merb-core.git`
Search Repo:

Added html_escape around the exception.message in the show details 
section.

Signed-off-by: Ezra Zygmuntowicz <ez@engineyard.com>

Flea (author)

Wed Mar 12 07:22:37 -0700 2008

ezmobius (committer)

Wed Mar 19 12:22:25 -0700 2008

commit e3a72791eaee77fe360b39a599e3eeaf4dcfcec6
tree 3b0952cf703786f380107cc85e659c4a2b199d4f
parent 130ee1ee30e08e23cd4563bce954ecacff88a5b3

lib/merb-core/dispatch/exceptions.html.erb

lib/merb-core/dispatch/exceptions.html.erb

0
@@ -171,7 +171,7 @@
0
     <div class="header">
0
       <h1><%= @exception_name %> <sup class="error_<%= @exception.class::STATUS %>"><%= @exception.class::STATUS %></sup></h1>
0
       <% if show_details = ::Merb::Config[:exception_details] -%>
0
-				<h2><%= @exception.message %></h2>
0
+				<h2><%= html_escape(@exception.message) %></h2>
0
       <% else -%>
0
         <h2>Sorry about that...</h2>
0
       <% end -%>

Comments

No one has commented yet.