Browse files

RT #62095: prevent XSS

  • Loading branch information...
1 parent 583938b commit 3ce71ea74b728526f61ca42289175323bc5b5360 @daxim daxim committed Feb 15, 2011
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/Catalyst/Manual/Tutorial/04_BasicCRUD.pod
View
2 lib/Catalyst/Manual/Tutorial/04_BasicCRUD.pod
@@ -886,7 +886,7 @@ query parameter:
...
<div id="content">
[%# Status and error messages %]
- <span class="message">[% status_msg || c.request.params.status_msg %]</span>
+ <span class="message">[% status_msg || c.request.params.status_msg | html %]</span>
<span class="error">[% error_msg %]</span>
[%# This is where TT will stick all of your template's contents. -%]
[% content %]

0 comments on commit 3ce71ea

Please sign in to comment.