diff options
| author | Jochen Topf <jochen@topf.org> | 2013-02-11 10:24:52 +0100 |
|---|---|---|
| committer | Jochen Topf <jochen@topf.org> | 2013-02-11 10:24:52 +0100 |
| commit | da1311e463ee6c27369be7e02a463114620c8a8f (patch) | |
| tree | 2832f9b899187f9ead6ff5ff2f260a8d2ed44ac3 /web/views/search.erb | |
| parent | fbcfeb0b4b0ea030037976e648710ab3754f45ff (diff) | |
| download | taginfo-da1311e463ee6c27369be7e02a463114620c8a8f.tar taginfo-da1311e463ee6c27369be7e02a463114620c8a8f.tar.gz | |
More escaping... (Fixes https://trac.openstreetmap.org/ticket/4775)
Diffstat (limited to 'web/views/search.erb')
| -rw-r--r-- | web/views/search.erb | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/web/views/search.erb b/web/views/search.erb index b6bf5ce..40fdb20 100644 --- a/web/views/search.erb +++ b/web/views/search.erb @@ -1,37 +1,37 @@ <div class="pre"> <h1 class="section"><%= @title %></h1> - <p><b><%= t.pages.search.you_were_searching_for %>:</b> <%= escape_html(@query) %></p> + <p><b><%= h(t.pages.search.you_were_searching_for) %>:</b> <%= escape_html(@query) %></p> </div> <div id="tabs"> <ul> - <li><a href="#keys"><%= t.osm.keys %></a></li> - <li><a href="#values"><%= t.osm.values %></a></li> - <li><a href="#relations"><%= t.osm.relation_types %></a></li> - <li><a href="#roles"><%= t.osm.relation_member_roles %></a></li> - <li><a href="#fulltext"><%= t.pages.search.fulltext %></a></li> + <li><a href="#keys"><%= h(t.osm.keys) %></a></li> + <li><a href="#values"><%= h(t.osm.values) %></a></li> + <li><a href="#relations"><%= h(t.osm.relation_types) %></a></li> + <li><a href="#roles"><%= h(t.osm.relation_member_roles) %></a></li> + <li><a href="#fulltext"><%= h(t.pages.search.fulltext) %></a></li> </ul> <div id="keys"> - <h2><%= t.osm.keys %></h2> + <h2><%= h(t.osm.keys) %></h2> <table id="grid-keys"> </table> </div> <div id="values"> - <h2><%= t.osm.values %></h2> + <h2><%= h(t.osm.values) %></h2> <table id="grid-values"> </table> </div> <div id="relations"> - <h2><%= t.osm.relation_types %></h2> + <h2><%= h(t.osm.relation_types) %></h2> <table id="grid-relations"> </table> </div> <div id="roles"> - <h2><%= t.osm.relation_member_roles %></h2> + <h2><%= h(t.osm.relation_member_roles) %></h2> <table id="grid-roles"> </table> </div> <div id="fulltext"> - <h2><%= t.pages.search.fulltext %></h2> + <h2><%= h(t.pages.search.fulltext) %></h2> <p class="boxpre" style="color: #f00000;">This search is experimental. It shows keys and tags that might be related to the word you searched for. This doesn't work if there are several words.</p> <table id="grid-fulltext"> </table> |