diff options
| author | Louise Crow <louise.crow@gmail.com> | 2013-01-16 13:56:25 +0000 |
|---|---|---|
| committer | Louise Crow <louise.crow@gmail.com> | 2013-01-16 13:56:25 +0000 |
| commit | cc91fa28cd0e64576a5f2d8e5c2cb3629636ee74 (patch) | |
| tree | cbb1aef74227804182b5e1ac003beddb26a158d4 /app/controllers/services_controller.rb | |
| parent | 5de48637d9efa6236d2f8478126d67fefe416096 (diff) | |
| parent | a67666e34c280d2b9eb613f57d96ba4ee5fcd749 (diff) | |
Merge remote-tracking branch 'openaustralia_github/rails_xss' into develop
Diffstat (limited to 'app/controllers/services_controller.rb')
| -rw-r--r-- | app/controllers/services_controller.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 38bf51772..1db5348c7 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -25,7 +25,7 @@ class ServicesController < ApplicationController end end if !text.empty? - text += ' <span class="close-button">X</span>' + text += ' <span class="close-button">X</span>'.html_safe end render :text => text, :content_type => "text/plain" # XXX workaround the HTML validation in test suite end |