Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fix XSS injection (reported on http://lamernews.com/news/439 )

  • Loading branch information...
commit 49247093f6457d3a82741c3ac3457ecfc2dcf42a 1 parent bb45013
@seppo0010 seppo0010 authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  app.rb
View
2  app.rb
@@ -828,7 +828,7 @@ def application_header
rnavbar = H.nav(:id => "account") {
if $user
H.a(:href => "/user/"+H.urlencode($user['username'])) {
- $user['username']+" (#{$user['karma']})"
+ H.entities $user['username']+" (#{$user['karma']})"
}+" | "+
H.a(:href =>
"/logout?apisecret=#{$user['apisecret']}") {
Please sign in to comment.
Something went wrong with that request. Please try again.