Commit c04f9958eabc0858717477620b7f55b969bce672 to technoweenie's mephisto

technoweenie / mephisto

Fork of halorgium/mephisto
Description:	A mirror of the mephisto code-base
Homepage:	http://mephistoblog.com/
Clone URL:	git://github.com/technoweenie/mephisto.git Give this clone URL to anyone. `git clone git://github.com/technoweenie/mephisto.git`

Click here to lend your support to: mephisto and make a donation at www.pledgie.com !

Fix xss vulnerability

git-svn-id: http://svn.techno-weenie.net/projects/mephisto/trunk@2813 
567b1171-46fb-0310-a4c9-b4bef9110e78

technoweenie (author)

Sat Mar 24 22:56:29 -0700 2007

commit c04f9958eabc0858717477620b7f55b969bce672
tree 586c35814730b22bcd7a9791192b5d4f4b444847
parent 3a75a19ce68fac27f73064dd0bbc51ed9ebf889b

app/helpers/application_helper.rb

app/helpers/application_helper.rb

0
@@ -2,7 +2,7 @@ require 'digest/md5'
0
 module ApplicationHelper
0
 
0
   def author_link_for(comment)
0
-    return comment.author if comment.author_url.blank?
0
+    return h(comment.author) if comment.author_url.blank?
0
     link_to h(comment.author), "#{'http://' unless comment.author_url =~ /^https?:\/\//}#{comment.author_url}"
0
   end
0

Comments

No one has commented yet.