author | Jochen Topf <jochen@topf.org> | 2013-02-11 10:24:52 +0100 |
---|---|---|
committer | Jochen Topf <jochen@topf.org> | 2013-02-11 10:24:52 +0100 |
commit | da1311e463ee6c27369be7e02a463114620c8a8f (patch) | |
tree | 2832f9b899187f9ead6ff5ff2f260a8d2ed44ac3 /web/views | |
parent | fbcfeb0b4b0ea030037976e648710ab3754f45ff (diff) | |
download | taginfo-da1311e463ee6c27369be7e02a463114620c8a8f.tar taginfo-da1311e463ee6c27369be7e02a463114620c8a8f.tar.gz |
More escaping... (Fixes https://trac.openstreetmap.org/ticket/4775)
Diffstat (limited to 'web/views')
-rw-r--r-- | web/views/about.erb | 6 | ||||
-rw-r--r-- | web/views/download.erb | 16 | ||||
-rw-r--r-- | web/views/help/keyboard.erb | 42 | ||||
-rw-r--r-- | web/views/help/search.erb | 10 | ||||
-rw-r--r-- | web/views/index.erb | 28 | ||||
-rw-r--r-- | web/views/key.erb | 48 | ||||
-rw-r--r-- | web/views/keys.erb | 4 | ||||
-rw-r--r-- | web/views/layout.erb | 18 | ||||
-rw-r--r-- | web/views/not_found.erb | 4 | ||||
-rw-r--r-- | web/views/relation.erb | 26 | ||||
-rw-r--r-- | web/views/relations.erb | 2 | ||||
-rw-r--r-- | web/views/reports/characters_in_keys.erb | 20 | ||||
-rw-r--r-- | web/views/reports/database_statistics.erb | 12 | ||||
-rw-r--r-- | web/views/reports/index.erb | 6 | ||||
-rw-r--r-- | web/views/reports/josm_styles.erb | 2 | ||||
-rw-r--r-- | web/views/reports/language_comparison_table_for_keys_in_the_wiki.erb | 10 | ||||
-rw-r--r-- | web/views/reports/languages.erb | 2 | ||||
-rw-r--r-- | web/views/reports/name_tags.erb | 12 | ||||
-rw-r--r-- | web/views/reports/wiki_pages_about_non_existing_keys.erb | 2 | ||||
-rw-r--r-- | web/views/search.erb | 22 | ||||
-rw-r--r-- | web/views/search_tags.erb | 6 | ||||
-rw-r--r-- | web/views/sources.erb | 12 | ||||
-rw-r--r-- | web/views/tag.erb | 38 | ||||
-rw-r--r-- | web/views/tags.erb | 4 |
24 files changed, 176 insertions, 176 deletions
diff --git a/web/views/about.erb b/web/views/about.erb index ea3d09c..4ffde59 100644 --- a/web/views/about.erb +++ b/web/views/about.erb @@ -1,10 +1,10 @@ <table class="boxes" width="100%"> <tr> - <td><h2><%= t.taginfo.about %></h2></td> + <td><h2><%= h(t.taginfo.about) %></h2></td> <td rowspan="4" width="20"></td> - <td width="232"><h2><%= t.taginfo.sources %></h2></td> + <td width="232"><h2><%= h(t.taginfo.sources) %></h2></td> <td rowspan="2" width="20"></td> - <td width="232"><h2><%= t.taginfo.contact %></h2></td> + <td width="232"><h2><%= h(t.taginfo.contact) %></h2></td> </tr> <tr> <td class="box"> diff --git a/web/views/download.erb b/web/views/download.erb index cf87a52..27ac3a1 100644 --- a/web/views/download.erb +++ b/web/views/download.erb 
@@ -1,20 +1,20 @@ <div class="pre"> - <h1 class="section"><%= t.taginfo.download %></h1> + <h1 class="section"><%= h(t.taginfo.download) %></h1> <%= t.pages.download.intro %> </div> <div class="box resize"> <table class="list"> <tr> - <th class="tl"><%= t.pages.download.file %></th> - <th class="tr"><%= t.pages.download.packed %></th> - <th class="tr"><%= t.pages.download.unpacked %></th> - <th class="tl"><%= t.pages.download.description %></th> + <th class="tl"><%= h(t.pages.download.file) %></th> + <th class="tr"><%= h(t.pages.download.packed) %></th> + <th class="tr"><%= h(t.pages.download.unpacked) %></th> + <th class="tl"><%= h(t.pages.download.description) %></th> </tr> <tr> <td class="tl"><a rel="nofollow" href="/download/taginfo-master.db.bz2">taginfo-master.db.bz2</a></td> - <td class="tr"><%= File.size("../../download/taginfo-master.db.bz2").to_bytes rescue "<span class='empty'>#{ t.misc.unknown }</span>" %></td> - <td class="tr"><%= File.size("../../data/taginfo-master.db").to_bytes rescue "<span class='empty'>#{ t.misc.unknown }</span>" %></td> - <td class="tl"><%= t.sources.master.description %></td> + <td class="tr"><%= File.size("../../download/taginfo-master.db.bz2").to_bytes rescue "<span class='empty'>#{ h(t.misc.unknown) }</span>" %></td> + <td class="tr"><%= File.size("../../data/taginfo-master.db").to_bytes rescue "<span class='empty'>#{ h(t.misc.unknown) }</span>" %></td> + <td class="tl"><%= h(t.sources.master.description) %></td> </tr> <% Source.visible.each_with_index do |source, n| c = (n%2==0) ? ' even' : '' %> <tr> diff --git a/web/views/help/keyboard.erb b/web/views/help/keyboard.erb index 0ac37dc..f9bf40c 100644 --- a/web/views/help/keyboard.erb +++ b/web/views/help/keyboard.erb 
@@ -1,45 +1,45 @@ <table class="help_table"> <tr> - <th><%= t.help.keyboard.site_navigation %></th> - <th><%= t.help.keyboard.page_navigation %></th> - <th><%= t.help.keyboard.table_navigation %></th> + <th><%= h(t.help.keyboard.site_navigation) %></th> + <th><%= h(t.help.keyboard.page_navigation) %></th> + <th><%= h(t.help.keyboard.table_navigation) %></th> </tr> <tr> - <td><span class="key">h</span> - <%= t.help.keyboard.home_page %></td> - <td><span class="key">?</span> - <%= t.help.keyboard.help_page %></td> - <td><span class="key"><%= t.help.keyboard.keys.home %></span> - <%= t.help.keyboard.first_page %></td> + <td><span class="key">h</span> - <%= h(t.help.keyboard.home_page) %></td> + <td><span class="key">?</span> - <%= h(t.help.keyboard.help_page) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.home) %></span> - <%= h(t.help.keyboard.first_page) %></td> </tr> - <td><span class="key">k</span> - <%= t.help.keyboard.keys_page %></td> - <td><span class="key">s</span> - <%= t.help.keyboard.activate_search %></td> - <td><span class="key"><%= t.help.keyboard.keys.pageup %></span> - <%= t.help.keyboard.prev_page %></td> + <td><span class="key">k</span> - <%= h(t.help.keyboard.keys_page) %></td> + <td><span class="key">s</span> - <%= h(t.help.keyboard.activate_search) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.pageup) %></span> - <%= h(t.help.keyboard.prev_page) %></td> <tr> - <td><span class="key">t</span> - <%= t.help.keyboard.tags_page %></td> - <td><span class="key"><%= t.help.keyboard.keys.tab %></span> - <%= t.help.keyboard.switch_input %></td> - <td><span class="key"><%= t.help.keyboard.keys.pagedown %></span> - <%= t.help.keyboard.next_page %></td> + <td><span class="key">t</span> - <%= h(t.help.keyboard.tags_page) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.tab) %></span> - <%= h(t.help.keyboard.switch_input) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.pagedown) %></span> - <%= 
h(t.help.keyboard.next_page) %></td> </tr> <tr> - <td><span class="key">r</span> - <%= t.help.keyboard.relations_page %></td> - <td><span class="key">1</span> - <span class="key">9</span> - <%= t.help.keyboard.switch_tab %></td> - <td><span class="key"><%= t.help.keyboard.keys.end %></span> - <%= t.help.keyboard.last_page %></td> + <td><span class="key">r</span> - <%= h(t.help.keyboard.relations_page) %></td> + <td><span class="key">1</span> - <span class="key">9</span> - <%= h(t.help.keyboard.switch_tab) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.end) %></span> - <%= h(t.help.keyboard.last_page) %></td> </tr> <tr> - <td><span class="key">←</span> - <%= t.help.keyboard.up %></td> - <td><span class="key"><%= t.help.keyboard.keys.esc %></span> - <%= t.help.keyboard.deactivate %></td> - <td><span class="key">↑</span> - <%= t.help.keyboard.prev_entry %></td> + <td><span class="key">←</span> - <%= h(t.help.keyboard.up) %></td> + <td><span class="key"><%= h(t.help.keyboard.keys.esc) %></span> - <%= h(t.help.keyboard.deactivate) %></td> + <td><span class="key">↑</span> - <%= h(t.help.keyboard.prev_entry) %></td> </tr> <tr> <td></td> <td></td> - <td><span class="key">↓</span> - <%= t.help.keyboard.next_entry %></td> + <td><span class="key">↓</span> - <%= h(t.help.keyboard.next_entry) %></td> </tr> <tr> <td></td> <td></td> - <td><span class="key">→</span> - <%= t.help.keyboard.enter_entry %></td> + <td><span class="key">→</span> - <%= h(t.help.keyboard.enter_entry) %></td> </tr> <tr> <td></td> <td></td> - <td><span class="key">f</span> - <%= t.help.keyboard.activate_filter %></td> + <td><span class="key">f</span> - <%= h(t.help.keyboard.activate_filter) %></td> </tr> </table> diff --git a/web/views/help/search.erb b/web/views/help/search.erb index 5c0dac9..ba6ed69 100644 --- a/web/views/help/search.erb +++ b/web/views/help/search.erb 
@@ -1,14 +1,14 @@ -<p><b><%= t.help.search.intro %></b></p> +<p><b><%= h(t.help.search.intro) %></b></p> <table class="help_table"> <tr><td width="50%"> - <p><%= t.help.search.string %>:</p> + <p><%= h(t.help.search.string) %>:</p> <p class="search">highway</p> - <p><%= t.help.search.substring %>:</p> + <p><%= h(t.help.search.substring) %>:</p> <p class="search">way</p> </td><td width="50%"> - <p><%= t.help.search.complete_tags %>:</p> + <p><%= h(t.help.search.complete_tags) %>:</p> <p class="search">highway=residential</p> - <p><%= t.help.search.values_only %>:</p> + <p><%= h(t.help.search.values_only) %>:</p> <p class="search">=residential</p> </td></tr> </table> diff --git a/web/views/index.erb b/web/views/index.erb index 80a872e..0c986df 100644 --- a/web/views/index.erb +++ b/web/views/index.erb 
@@ -1,17 +1,17 @@ <table class="boxes resize" width="100%"> <tr> - <td width="232" height="40"><h2><a href="/keys"><%= t.osm.keys %></a></h2></td> + <td width="232" height="40"><h2><a href="/keys"><%= h(t.osm.keys) %></a></h2></td> <td rowspan="6" width="20"></td> - <td height="40"><h2><%= t.pages.index.popular_keys %></h2></td> + <td height="40"><h2><%= h(t.pages.index.popular_keys) %></h2></td> <td rowspan="6" width="20"></td> - <td width="232" height="40"><h2><a href="/reports"><%= t.taginfo.reports %></a></h2></td> + <td width="232" height="40"><h2><a href="/reports"><%= h(t.taginfo.reports) %></a></h2></td> <td rowspan="6" width="20"></td> - <td width="232" height="40"><h2><a href="/about"><%= t.taginfo.about %></a></h2></td> + <td width="232" height="40"><h2><a href="/about"><%= h(t.taginfo.about) %></a></h2></td> </tr> <tr> <td class="box"> <div id="key_list"></div> - <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/keys"><%= t.pages.index.keys.listkeys %></a></div> + <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/keys"><%= h(t.pages.index.keys.listkeys) %></a></div> </td> <td rowspan="5" class="box"> <div id="tagcloud" style="margin: 15px 0; line-height: 200%; text-align: justify; overflow: hidden;"></div> 
@@ -20,37 +20,37 @@ <p><%= t.pages.reports.intro %></p> <ul style="margin: 0 0 0 18px; padding: 0;"> <% Report.each_visible do |report| %> - <li><a href="<%= report.url %>"><%= t.reports[report.name].name %></a></li> + <li><a href="<%= report.url %>"><%= h(t.reports[report.name].name) %></a></li> <% end %> </ul> - <p class="emphasis" style="margin-top: 20px;"><a href="/reports"><%= t.pages.index.reports.listreports %></a></p> + <p class="emphasis" style="margin-top: 20px;"><a href="/reports"><%= h(t.pages.index.reports.listreports) %></a></p> </td> <td rowspan="3" class="box"> <%= t.pages.index.about.intro %> - <p class="emphasis" style="margin-top: 20px;"><a href="/about"><%= t.pages.index.about.more %></a></p> + <p class="emphasis" style="margin-top: 20px;"><a href="/about"><%= h(t.pages.index.about.more) %></a></p> </td> </tr> <tr> - <td height="40"><h2><a href="/tags"><%= t.osm.tags %></a></h2></td> + <td height="40"><h2><a href="/tags"><%= h(t.osm.tags) %></a></h2></td> </tr> <tr> <td class="box"> <div id="tag_list"></div> - <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/tags"><%= t.pages.index.tags.listtags %></a></div> + <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/tags"><%= h(t.pages.index.tags.listtags) %></a></div> </td> </tr> <tr> - <td height="40"><h2><a href="/relations"><%= t.osm.relation_types %></a></h2></td> - <td height="40"><h2><%= t.taginfo.international %></h2></td> + <td height="40"><h2><a href="/relations"><%= h(t.osm.relation_types) %></a></h2></td> + <td height="40"><h2><%= h(t.taginfo.international) %></h2></td> </tr> <tr> <td class="box"> <div id="relation_list"></div> - <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/relations"><%= t.pages.index.relations.listrelations %></a></div> + <div class="emphasis" style="margin: 10px 0 0 0;"><a href="/relations"><%= h(t.pages.index.relations.listrelations) %></a></div> </td> <td class="box"> <p><%= TaginfoConfig.get('instance.description') %></p> - <p 
class="emphasis" style="margin-top: 20px;"><a class="extlink" href="http://wiki.openstreetmap.org/wiki/Taginfo/Sites"><%= t.pages.index.international.see %></a></p> + <p class="emphasis" style="margin-top: 20px;"><a class="extlink" href="http://wiki.openstreetmap.org/wiki/Taginfo/Sites"><%= h(t.pages.index.international.see) %></a></p> </td> </tr> </table> diff --git a/web/views/key.erb b/web/views/key.erb index 3e8a20e..465227d 100644 --- a/web/views/key.erb +++ b/web/views/key.erb @@ -1,11 +1,11 @@ <div class="pre"> <form id="filter-form"> - <label for="filter"><%= t.pages.key.filter.label %></label> + <label for="filter"><%= h(t.pages.key.filter.label) %></label> <select id="filter" name="filter"> - <option value="all"<%= @sel['all'] %>><%= t.pages.key.filter.none %></option> - <option value="nodes"<%= @sel['nodes'] %>><%= t.pages.key.filter.nodes %></option> - <option value="ways"<%= @sel['ways'] %>><%= t.pages.key.filter.ways %></option> - <option value="relations"<%= @sel['relations'] %>><%= t.pages.key.filter.relations %></option> + <option value="all"<%= @sel['all'] %>><%= h(t.pages.key.filter.none) %></option> + <option value="nodes"<%= @sel['nodes'] %>><%= h(t.pages.key.filter.nodes) %></option> + <option value="ways"<%= @sel['ways'] %>><%= h(t.pages.key.filter.ways) %></option> + <option value="relations"<%= @sel['relations'] %>><%= h(t.pages.key.filter.relations) %></option> </select> </form> <div id="tools" class="no-print"> 
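Review bot: In web/views/index.erb (hunk `@@ -20,37 +20,37 @@`) the line `<p><%= t.pages.reports.intro %></p>` is left raw, while this same commit escapes the identical key in web/views/reports/index.erb as `<p><%= h(t.pages.reports.intro) %></p>`. One of the two is wrong: if the string is plain text it should be wrapped in `h(...)` here too, and if it carries markup the reports page will now show the tags literally. `t.pages.index.about.intro`, `TaginfoConfig.get('instance.description')` and the `href="<%= report.url %>"` attribute are also still unescaped in this hunk. If the raw intros are deliberate because translations contain HTML, an ERB comment such as `<%# intro is trusted HTML from the translation files %>` beside each would record that these keys need review whenever translations are accepted.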
@@ -21,16 +21,16 @@ </div> <div id="tabs"> <ul class="no-print"> - <li><a href="#overview"><%= t.taginfo.overview %></a></li> - <li><a href="#values"><%= t.osm.values %></a></li> - <li><a href="#combinations"><%= t.taginfo.key_combinations %></a></li> - <li><a href="#map"><%= t.taginfo.map %></a></li> - <li><a href="#wiki"><%= t.sources.wiki.name %></a></li> - <li><a href="#josm"><%= t.sources.josm.name %></a></li> + <li><a href="#overview"><%= h(t.taginfo.overview) %></a></li> + <li><a href="#values"><%= h(t.osm.values) %></a></li> + <li><a href="#combinations"><%= h(t.taginfo.key_combinations) %></a></li> + <li><a href="#map"><%= h(t.taginfo.map) %></a></li> + <li><a href="#wiki"><%= h(t.sources.wiki.name) %></a></li> + <li><a href="#josm"><%= h(t.sources.josm.name) %></a></li> </ul> <div id="overview"> <div style="float: right; text-align: center; padding-left: 20px;"> - <p><%= t.pages.key.overview.distribution_of_values %></p> + <p><%= h(t.pages.key.overview.distribution_of_values) %></p> <div class="canvas" id="canvas-values"></div> </div> <% if @image_url %> 
@@ -38,25 +38,25 @@ <img src="<%= @image_url %>" alt=""/> </div> <% end %> - <h2><%= t.taginfo.overview %></h2> + <h2><%= h(t.taginfo.overview) %></h2> <table id="grid-overview"> </table> - <p><span title="<%= t.pages.key.overview.no_endorsement %>" tipsy="n"><%= t.pages.key.overview.objects_last_edited_by(@user_count.to_s_with_ts) %></span></p> + <p><span title="<%= h(t.pages.key.overview.no_endorsement) %>" tipsy="n"><%= h(t.pages.key.overview.objects_last_edited_by(@user_count.to_s_with_ts)) %></span></p> </div> <div id="values"> - <h2><%= t.pages.key.values_used %></h2> + <h2><%= h(t.pages.key.values_used) %></h2> <div> <table id="grid-values"> </table> </div> </div> <div id="combinations"> - <h2><%= t.pages.key.other_keys_used.title %></h2> + <h2><%= h(t.pages.key.other_keys_used.title) %></h2> <table id="grid-keys"> </table> </div> <div id="map"> - <h2><%= t.pages.key.geographic_distribution.title %></h2> + <h2><%= h(t.pages.key.geographic_distribution.title) %></h2> <% if @filter_type == 'all' %> <div style="background-image: url(<%= TaginfoConfig.get('geodistribution.background_image') %>); background-repeat: no-repeat; background-position: 1px 1px;"/> <img class="map" src="/api/4/key/distribution/nodes?key=<%= @key_uri %>" alt="" width="<%= @img_width %>" height="<%= @img_height %>" style="position: absolute;"/> 
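Review bot: The context line `<img src="<%= @image_url %>" alt=""/>` at the top of this hunk in web/views/key.erb still writes `@image_url` into a quoted attribute without escaping; the hunk only wraps translated strings. Where `@image_url` is assigned is not visible here. If it comes from imported wiki data rather than from the application, it should be emitted as `<img src="<%= h(@image_url) %>" alt=""/>`, ideally with a scheme check at the point of assignment. The same raw `@image_url` line appears in the web/views/relation.erb hunk `@@ -23,37 +23,37 @@`. The `url(<%= TaginfoConfig.get('geodistribution.background_image') %>)` value inside the `style` attribute is also unescaped, though it is presumably operator configuration.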
@@ -71,23 +71,23 @@ <img class="map" src="/api/4/key/distribution/ways?key=<%= @key_uri %>" alt="" width="<%= @img_width %>" height="<%= @img_height %>"/> </div> <% elsif @filter_type == 'relations' %> - <p class="empty"><%= t.pages.key.geographic_distribution.relations %></p> + <p class="empty"><%= h(t.pages.key.geographic_distribution.relations) %></p> <% end %> </div> <div id="wiki"> - <h2><%= t.pages.key.wiki_pages.title %></h2> + <h2><%= h(t.pages.key.wiki_pages.title) %></h2> <% if @wiki_count > 0 %> <table id="grid-wiki"> </table> <% else %> - <p class="empty"><%= t.pages.key.wiki_pages.none_found %></p> - <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Key:<%= @key_uri %>"><%= t.pages.key.wiki_pages.create %></a></p> + <p class="empty"><%= h(t.pages.key.wiki_pages.none_found) %></p> + <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Key:<%= @key_uri %>"><%= h(t.pages.key.wiki_pages.create) %></a></p> <% end %> </div> <div id="josm"> - <h2><%= t.pages.key.josm.title %></h2> + <h2><%= h(t.pages.key.josm.title) %></h2> <!-- <form> - <label for="josm-style"><%= t.pages.key.josm.choice %></label> + <label for="josm-style"><%= h(t.pages.key.josm.choice) %></label> <select id="josm-style" name="josm-style"> <option>Standard</option> </select> @@ -96,7 +96,7 @@ <table id="grid-josm"> </table> <% else %> - <p class="empty"><%= t.pages.key.josm.no_styles %></p> + <p class="empty"><%= h(t.pages.key.josm.no_styles) %></p> <% end %> </div> </div> diff --git a/web/views/keys.erb b/web/views/keys.erb index a187deb..b153070 100644 --- a/web/views/keys.erb +++ b/web/views/keys.erb @@ -1,6 +1,6 @@ <div class="pre"> - <h1 class="section"><%= t.osm.keys %></h1> - <p><%= t.pages.keys.intro %></p> + <h1 class="section"><%= h(t.osm.keys) %></h1> + <p><%= h(t.pages.keys.intro) %></p> </div> <div class="box resize"> <table id="grid-keys"> 
diff --git a/web/views/layout.erb b/web/views/layout.erb index b725d61..0c9e321 100644 --- a/web/views/layout.erb +++ b/web/views/layout.erb @@ -12,13 +12,13 @@ </head> <body> <div id="header"> - <div id="header_date" title="<%= t.taginfo.data_from_description %>" tipsy="ne"><%= t.taginfo.data_from %>: <%= @data_until %> UTC</div> + <div id="header_date" title="<%= h(t.taginfo.data_from_description) %>" tipsy="ne"><%= h(t.taginfo.data_from) %>: <%= @data_until %> UTC</div> <div id="header_forms" class="no-print"> <form id="set_language" action="/switch_locale"> <input type="hidden" id="url" name="url" value="<%= TaginfoConfig.get('instance.url') + request.path %>"/> <select id="locale" name="locale"> <% r18n.available_locales.sort{ |a,b| a.title <=> b.title }.each do |locale| %> - <option value="<%= locale.code %>"<%= locale.code == r18n.locale.code ? ' selected="selected"' : ''%>><%= locale.title %></option> + <option value="<%= locale.code %>"<%= locale.code == r18n.locale.code ? ' selected="selected"' : ''%>><%= h(locale.title) %></option> <% end %> </select> </form> 
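Review bot: In web/views/layout.erb the hidden `url` field still interpolates request-derived data without escaping. The context line `value="<%= TaginfoConfig.get('instance.url') + request.path %>"` sits inside a double-quoted attribute, and this hunk only wraps `locale.title` and the header strings. Since `request.path` comes from the incoming request, it should go through the same helper, e.g. `value="<%= h(TaginfoConfig.get('instance.url') + request.path) %>"`, assuming `h` escapes quotes as well as angle brackets. `locale.code` in the `<option value="...">` on the changed line and `@data_until` are also emitted raw; they look server-controlled, but escaping them keeps the template uniform. The surrounding header markup continues outside the hunk.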
@@ -41,18 +41,18 @@ <div id="footer_left"><a class="extlink" href="http://www.openstreetmap.org/"><b>OpenStreetMap</b> - The Free Wiki World Map</a> · <a href="http://www.openstreetmap.org/copyright">Data © OpenStreetMap contributors (ODbL)</a></div> <div id="footer_right"> - <a href="/keys"><%= t.osm.keys %></a> · <a href="/tags"><%= t.osm.tags %></a> · <a href="/relations"><%= t.osm.relations %></a> · - <a href="/reports"><%= t.taginfo.reports %></a> · <a href="/sources"><%= t.taginfo.sources %></a> · - <a href="/download"><%= t.taginfo.download %></a> · <a href="/about"><%= t.taginfo.about %></a> · - <a id="help_link" href="#help"><%= t.misc.help %></a> · - <a class="extlink" href="http://wiki.openstreetmap.org/wiki/Taginfo"><%= t.taginfo.wiki %></a> + <a href="/keys"><%= h(t.osm.keys) %></a> · <a href="/tags"><%= h(t.osm.tags) %></a> · <a href="/relations"><%= h(t.osm.relations) %></a> · + <a href="/reports"><%= h(t.taginfo.reports) %></a> · <a href="/sources"><%= h(t.taginfo.sources) %></a> · + <a href="/download"><%= h(t.taginfo.download) %></a> · <a href="/about"><%= h(t.taginfo.about) %></a> · + <a id="help_link" href="#help"><%= h(t.misc.help) %></a> · + <a class="extlink" href="http://wiki.openstreetmap.org/wiki/Taginfo"><%= h(t.taginfo.wiki) %></a> </div> </div> <div id="javascriptmsg">This website only works with Javascript! Please enable Javascript in your browser.</div> <div id="help"><div id="help_tabs"> <ul> - <li><a href="/help/search"><%= t.help.search.title %></a></li> - <li><a href="/help/keyboard"><%= t.help.keyboard.title %></a></li> + <li><a href="/help/search"><%= h(t.help.search.title) %></a></li> + <li><a href="/help/keyboard"><%= h(t.help.keyboard.title) %></a></li> </ul> </div></div> </body> diff --git a/web/views/not_found.erb b/web/views/not_found.erb index 8820387..900517d 100644 --- a/web/views/not_found.erb +++ b/web/views/not_found.erb 
@@ -1,4 +1,4 @@ <div class="box resize" style="text-align: center"> - <h1 class="section" style="font-size: 260%; margin: 40px 0;">404 <%= t.pages.not_found.title %></h1> - <%= t.pages.not_found.intro %> + <h1 class="section" style="font-size: 260%; margin: 40px 0;">404 <%= h(t.pages.not_found.title) %></h1> + <%= h(t.pages.not_found.intro) %> </div> diff --git a/web/views/relation.erb b/web/views/relation.erb index 089100c..fdbf149 100644 --- a/web/views/relation.erb +++ b/web/views/relation.erb @@ -12,10 +12,10 @@ </div> <div id="tabs"> <ul> - <li><a href="#overview"><%= t.pages.relation.overview.tab %></a></li> - <li><a href="#roles"><%= t.pages.relation.roles.tab %></a></li> - <li><a href="#graph"><%= t.pages.relation.graph.tab %></a></li> - <li><a href="#wiki"><%= t.sources.wiki.name %></a></li> + <li><a href="#overview"><%= h(t.pages.relation.overview.tab) %></a></li> + <li><a href="#roles"><%= h(t.pages.relation.roles.tab) %></a></li> + <li><a href="#graph"><%= h(t.pages.relation.graph.tab) %></a></li> + <li><a href="#wiki"><%= h(t.sources.wiki.name) %></a></li> </ul> <div id="overview"> <% if @image_url %> 
@@ -23,37 +23,37 @@ <img src="<%= @image_url %>" alt=""/> </div> <% end %> - <h2><%= t.pages.relation.overview.title %></h2> + <h2><%= h(t.pages.relation.overview.title) %></h2> <table id="grid-overview"> </table> - <p><%= t.pages.relation.overview.see_also %>: type=<span id="taglink"></span></p> + <p><%= h(t.pages.relation.overview.see_also) %>: type=<span id="taglink"></span></p> </div> <div id="roles"> - <h2><%= t.pages.relation.roles.title %></h2> + <h2><%= h(t.pages.relation.roles.title) %></h2> <% if @count_relation_roles > 0 %> <table id="grid-roles"> </table> <% else %> - <p class="empty"><%= t.pages.relation.roles.no_roles_info %></p> + <p class="empty"><%= h(t.pages.relation.roles.no_roles_info) %></p> <% end %> </div> <div id="graph"> - <h2><%= t.pages.relation.graph.title %></h2> + <h2><%= h(t.pages.relation.graph.title) %></h2> <% if @count_relation_roles > 0 %> <div class="canvas"> </div> <% else %> - <p class="empty"><%= t.pages.relation.roles.no_roles_info %></p> + <p class="empty"><%= h(t.pages.relation.roles.no_roles_info) %></p> <% end %> </div> <div id="wiki"> - <h2><%= t.pages.relation.wiki_pages.title %></h2> + <h2><%= h(t.pages.relation.wiki_pages.title) %></h2> <% if @wiki_count > 0 %> <table id="grid-wiki"> </table> <% else %> - <p class="empty"><%= t.pages.relation.wiki_pages.none_found %></p> - <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Relation:<%= @rtype_uri %>"><%= t.pages.relation.wiki_pages.create %></a></p> + <p class="empty"><%= h(t.pages.relation.wiki_pages.none_found) %></p> + <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Relation:<%= @rtype_uri %>"><%= h(t.pages.relation.wiki_pages.create) %></a></p> <% end %> </div> </div> diff --git a/web/views/relations.erb b/web/views/relations.erb index 663f24d..8f8cbcb 100644 --- a/web/views/relations.erb +++ b/web/views/relations.erb 
@@ -1,5 +1,5 @@ <div class="pre"> - <h1 class="section"><%= t.pages.relations.name %></h1> + <h1 class="section"><%= h(t.pages.relations.name) %></h1> <p><%= t.pages.relations.intro %></p> </div> <div class="box resize"> diff --git a/web/views/reports/characters_in_keys.erb b/web/views/reports/characters_in_keys.erb index 9b1cba3..4403969 100644 --- a/web/views/reports/characters_in_keys.erb +++ b/web/views/reports/characters_in_keys.erb 
@@ -1,22 +1,22 @@ <div class="pre"> - <h1><%= t.reports.characters_in_keys.name %></h1> + <h1><%= h(t.reports.characters_in_keys.name) %></h1> <%= t.reports.characters_in_keys.intro %> </div> <div id="tabs"> <ul> - <li><a href="#statistics"><%= t.reports.characters_in_keys.statistics.tab %></a></li> - <li><a href="#whitespace"><span style="background-color: #d62727;"> </span> <%= t.reports.characters_in_keys.whitespace.tab %></a></li> - <li><a href="#problematic"><span style="background-color: #ff9896;"> </span> <%= t.reports.characters_in_keys.problematic.tab %></a></li> + <li><a href="#statistics"><%= h(t.reports.characters_in_keys.statistics.tab) %></a></li> + <li><a href="#whitespace"><span style="background-color: #d62727;"> </span> <%= h(t.reports.characters_in_keys.whitespace.tab) %></a></li> + <li><a href="#problematic"><span style="background-color: #ff9896;"> </span> <%= h(t.reports.characters_in_keys.problematic.tab) %></a></li> </ul> <div id="statistics"> - <h2><%= t.reports.characters_in_keys.statistics.title %></h2> + <h2><%= h(t.reports.characters_in_keys.statistics.title) %></h2> <div class="canvas boxpre" id="canvas" style="margin: 20px 0;"></div> <table class="list"> <tr> <th> </th> - <th class="tr"><%= t.misc.count %></th> - <th class="tr"><%= t.reports.characters_in_keys.statistics.fraction %></th> - <th class="tl"><%= t.reports.characters_in_keys.statistics.characters %></th> + <th class="tr"><%= h(t.misc.count) %></th> + <th class="tr"><%= h(t.reports.characters_in_keys.statistics.fraction) %></th> + <th class="tl"><%= h(t.reports.characters_in_keys.statistics.characters) %></th> </tr> <% letter='A' colors = { :A => '#2ca02c', :B => '#98df8a', :C => '#dbdb8d', :D => '#d62728', :E => '#ff9896', :F => '#aec7e8' } 
@@ -37,7 +37,7 @@ </table> </div> <div id="whitespace"> - <h2><%= t.reports.characters_in_keys.whitespace.title %></h2> + <h2><%= h(t.reports.characters_in_keys.whitespace.title) %></h2> <div class="boxpre"> <%= t.reports.characters_in_keys.whitespace.intro %> </div> @@ -45,7 +45,7 @@ </table> </div> <div id="problematic"> - <h2><%= t.reports.characters_in_keys.problematic.title %></h2> + <h2><%= h(t.reports.characters_in_keys.problematic.title) %></h2> <div class="boxpre"> <%= t.reports.characters_in_keys.problematic.intro %> </div> diff --git a/web/views/reports/database_statistics.erb b/web/views/reports/database_statistics.erb index 19b84ac..6c101c6 100644 --- a/web/views/reports/database_statistics.erb +++ b/web/views/reports/database_statistics.erb @@ -1,10 +1,10 @@ -<h1><%= t.reports.database_statistics.name %></h1> +<h1><%= h(t.reports.database_statistics.name) %></h1> <table class="boxes"> <tr> - <td><h2><img class="icon_large" src="/img/types/all.20.png" alt=""/> <%= t.osm.objects %></h2></td> + <td><h2><img class="icon_large" src="/img/types/all.20.png" alt=""/> <%= h(t.osm.objects) %></h2></td> <td rowspan="4" width="20"></td> - <td><h2><img class="icon_large" src="/img/types/tag.20.png" alt=""/> <%= t.osm.tags %></h2></td> + <td><h2><img class="icon_large" src="/img/types/tag.20.png" alt=""/> <%= h(t.osm.tags) %></h2></td> <td rowspan="4" width="20"></td> <td></td> </tr> 
@@ -24,9 +24,9 @@ <td></td> </tr> <tr> - <td><h2><img class="icon_large" src="/img/types/node.20.png" alt=""/> <%= t.osm.nodes %></h2></td> - <td><h2><img class="icon_large" src="/img/types/way.20.png" alt=""/> <%= t.osm.ways %></h2></td> - <td><h2><img class="icon_large" src="/img/types/relation.20.png" alt=""/> <%= t.osm.relations %></h2></td> + <td><h2><img class="icon_large" src="/img/types/node.20.png" alt=""/> <%= h(t.osm.nodes) %></h2></td> + <td><h2><img class="icon_large" src="/img/types/way.20.png" alt=""/> <%= h(t.osm.ways) %></h2></td> + <td><h2><img class="icon_large" src="/img/types/relation.20.png" alt=""/> <%= h(t.osm.relations) %></h2></td> </tr> <tr> <td class="box"> diff --git a/web/views/reports/index.erb b/web/views/reports/index.erb index 1bd6e8b..1acd99e 100644 --- a/web/views/reports/index.erb +++ b/web/views/reports/index.erb @@ -1,9 +1,9 @@ <div class="pre"> - <h1 class="section"><%= t.taginfo.reports %></h1> - <p><%= t.pages.reports.intro %></p> + <h1 class="section"><%= h(t.taginfo.reports) %></h1> + <p><%= h(t.pages.reports.intro) %></p> </div> <div class="box resize"> - <h2><%= t.pages.reports.list %></h2> + <h2><%= h(t.pages.reports.list) %></h2> <table class="list"> <tr><th class="tc" colspan="<%= Source.visible.size %>"/><%= t.pages.reports.data_sources %></th><th class="tl"><%= t.taginfo.report %></th></tr> <% Report.each_visible_with_index do |report, n| c = (n%2!=0) ? ' even' : '' %> diff --git a/web/views/reports/josm_styles.erb b/web/views/reports/josm_styles.erb index 83279f0..22e7a7a 100644 --- a/web/views/reports/josm_styles.erb +++ b/web/views/reports/josm_styles.erb @@ -1,5 +1,5 @@ <div class="pre"> - <h1><%= t.reports.josm_styles.name %></h1> + <h1><%= h(t.reports.josm_styles.name) %></h1> <!-- Select style: <select> diff --git a/web/views/reports/language_comparison_table_for_keys_in_the_wiki.erb b/web/views/reports/language_comparison_table_for_keys_in_the_wiki.erb index 9b0f58e..6b81119 100644 
--- a/web/views/reports/language_comparison_table_for_keys_in_the_wiki.erb +++ b/web/views/reports/language_comparison_table_for_keys_in_the_wiki.erb @@ -1,14 +1,14 @@ <div class="pre"> - <h1><%= t.reports.language_comparison_table_for_keys_in_the_wiki.name %></h1> + <h1><%= h(t.reports.language_comparison_table_for_keys_in_the_wiki.name) %></h1> <%= t.reports.language_comparison_table_for_keys_in_the_wiki.intro %> </div> <div class="box resize"> <table id="grid-keys"> </table> <table class="boxpre"> - <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-t.png" alt="[t]"/></td><td><%= t.reports.language_comparison_table_for_keys_in_the_wiki.icons.template %></td></tr> - <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-e.png" alt="[e]"/></td><td><%= t.reports.language_comparison_table_for_keys_in_the_wiki.icons.error %></td></tr> - <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-p.png" alt="[p]"/></td><td><%= t.reports.language_comparison_table_for_keys_in_the_wiki.icons.page %></td></tr> - <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-r.png" alt="[r]"/></td><td><%= t.reports.language_comparison_table_for_keys_in_the_wiki.icons.redirect %></td></tr> + <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-t.png" alt="[t]"/></td><td><%= h(t.reports.language_comparison_table_for_keys_in_the_wiki.icons.template) %></td></tr> + <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-e.png" alt="[e]"/></td><td><%= h(t.reports.language_comparison_table_for_keys_in_the_wiki.icons.error) %></td></tr> + <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-p.png" alt="[p]"/></td><td><%= h(t.reports.language_comparison_table_for_keys_in_the_wiki.icons.page) %></td></tr> + <tr><td><img width="16" height="16" src="/img/sources/wiki/wiki-r.png" alt="[r]"/></td><td><%= h(t.reports.language_comparison_table_for_keys_in_the_wiki.icons.redirect) %></td></tr> </table> </div> 
diff --git a/web/views/reports/languages.erb b/web/views/reports/languages.erb index 2a4ffa7..175bd78 100644 --- a/web/views/reports/languages.erb +++ b/web/views/reports/languages.erb @@ -1,5 +1,5 @@ <div class="pre"> - <h1><%= t.reports.languages.name %></h1> + <h1><%= h(t.reports.languages.name) %></h1> <%= t.reports.languages.intro %> </div> <div class="box"> diff --git a/web/views/reports/name_tags.erb b/web/views/reports/name_tags.erb index f3196dd..c77bc8a 100644 --- a/web/views/reports/name_tags.erb +++ b/web/views/reports/name_tags.erb @@ -4,16 +4,16 @@ @sel[@filter_type] = ' selected="selected"' %> <div class="pre"> - <h1><%= t.reports.name_tags.name %></h1> + <h1><%= h(t.reports.name_tags.name) %></h1> <%= t.reports.name_tags.intro %> </div> <div id="tabs"> <ul> - <li><a href="#overview"><%= t.reports.name_tags.overview.tab %></a></li> - <li><a href="#bcp47"><%= t.reports.name_tags.bcp47.tab %></a></li> + <li><a href="#overview"><%= h(t.reports.name_tags.overview.tab) %></a></li> + <li><a href="#bcp47"><%= h(t.reports.name_tags.bcp47.tab) %></a></li> </ul> <div id="overview"> - <h2><%= t.reports.name_tags.overview.title %></h2> + <h2><%= h(t.reports.name_tags.overview.title) %></h2> <div class="boxpre"> <p>Tag keys containing "name".</p> </div> @@ -21,11 +21,11 @@ </table> </div> <div id="bcp47"> - <h2><%= t.reports.name_tags.bcp47.title %></h2> + <h2><%= h(t.reports.name_tags.bcp47.title) %></h2> <div class="boxpre"> <%= t.reports.name_tags.bcp47.intro %> <form id="subtag-filter-form"> - <label for="subtag-filter"><%= t.reports.name_tags.bcp47.filter.label %>:</label> + <label for="subtag-filter"><%= h(t.reports.name_tags.bcp47.filter.label) %>:</label> <select id="subtag-filter" name="subtag-filter"> <option value="all"<%= @sel[''] %>><%= t.reports.name_tags.bcp47.filter.all %></option> <% BCP47::SUBTAG_TYPES.each do |type| %> 
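Review bot: In web/views/reports/name_tags.erb the option text `<%= t.reports.name_tags.bcp47.filter.all %>` near the end of hunk `@@ -21,11 +21,11 @@` is still raw although the label just above it was wrapped. It should read `<option value="all"<%= @sel[''] %>><%= h(t.reports.name_tags.bcp47.filter.all) %></option>`. The web/views/reports/index.erb hunk has the same gap on its `<th>` row, where `t.pages.reports.data_sources` and `t.taginfo.report` are plain labels left unescaped. The `<select>` and the `BCP47::SUBTAG_TYPES.each` loop continue past the end of the hunk, so the options generated there should be checked as well.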
diff --git a/web/views/reports/wiki_pages_about_non_existing_keys.erb b/web/views/reports/wiki_pages_about_non_existing_keys.erb index ea1d790..46771d0 100644 --- a/web/views/reports/wiki_pages_about_non_existing_keys.erb +++ b/web/views/reports/wiki_pages_about_non_existing_keys.erb @@ -1,5 +1,5 @@ <div class="pre"> - <h1><%= t.reports.wiki_pages_about_non_existing_keys.name %></h1> + <h1><%= h(t.reports.wiki_pages_about_non_existing_keys.name) %></h1> <%= t.reports.wiki_pages_about_non_existing_keys.intro %> </div> <div class="box resize"> diff --git a/web/views/search.erb b/web/views/search.erb index b6bf5ce..40fdb20 100644 --- a/web/views/search.erb +++ b/web/views/search.erb 
@@ -1,37 +1,37 @@ <div class="pre"> <h1 class="section"><%= @title %></h1> - <p><b><%= t.pages.search.you_were_searching_for %>:</b> <%= escape_html(@query) %></p> + <p><b><%= h(t.pages.search.you_were_searching_for) %>:</b> <%= escape_html(@query) %></p> </div> <div id="tabs"> <ul> - <li><a href="#keys"><%= t.osm.keys %></a></li> - <li><a href="#values"><%= t.osm.values %></a></li> - <li><a href="#relations"><%= t.osm.relation_types %></a></li> - <li><a href="#roles"><%= t.osm.relation_member_roles %></a></li> - <li><a href="#fulltext"><%= t.pages.search.fulltext %></a></li> + <li><a href="#keys"><%= h(t.osm.keys) %></a></li> + <li><a href="#values"><%= h(t.osm.values) %></a></li> + <li><a href="#relations"><%= h(t.osm.relation_types) %></a></li> + <li><a href="#roles"><%= h(t.osm.relation_member_roles) %></a></li> + <li><a href="#fulltext"><%= h(t.pages.search.fulltext) %></a></li> </ul> <div id="keys"> - <h2><%= t.osm.keys %></h2> + <h2><%= h(t.osm.keys) %></h2> <table id="grid-keys"> </table> </div> <div id="values"> - <h2><%= t.osm.values %></h2> + <h2><%= h(t.osm.values) %></h2> <table id="grid-values"> </table> </div> <div id="relations"> - <h2><%= t.osm.relation_types %></h2> + <h2><%= h(t.osm.relation_types) %></h2> <table id="grid-relations"> </table> </div> <div id="roles"> - <h2><%= t.osm.relation_member_roles %></h2> + <h2><%= h(t.osm.relation_member_roles) %></h2> <table id="grid-roles"> </table> </div> <div id="fulltext"> - <h2><%= t.pages.search.fulltext %></h2> + <h2><%= h(t.pages.search.fulltext) %></h2> <p class="boxpre" style="color: #f00000;">This search is experimental. It shows keys and tags that might be related to the word you searched for. This doesn't work if there are several words.</p> <table id="grid-fulltext"> </table> diff --git a/web/views/search_tags.erb b/web/views/search_tags.erb index 0146263..ca3a509 100644 --- a/web/views/search_tags.erb +++ b/web/views/search_tags.erb 
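Review bot: `<%= @title %>` in the `<h1>` is left unescaped while the line directly below it escapes both the label and `@query`. Where `@title` is assigned is not visible in this hunk; if it is plain text, `<h1 class="section"><%= h(@title) %></h1>` closes the gap, and if it is meant to contain markup that should be stated in a comment. search_tags.erb has the identical line. The two lines also mix `h()` and `escape_html()`; using one helper name throughout makes a missed call easier to spot in review.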
@@ -1,13 +1,13 @@ <div class="pre"> <h1 class="section"><%= @title %></h1> - <p><b><%= t.pages.search.you_were_searching_for %>:</b> <%= escape_html(@query) %></p> + <p><b><%= h(t.pages.search.you_were_searching_for) %>:</b> <%= escape_html(@query) %></p> </div> <div id="tabs"> <ul> - <li><a href="#tags"><%= t.osm.tags %></a></li> + <li><a href="#tags"><%= h(t.osm.tags) %></a></li> </ul> <div id="tags"> - <h2><%= t.osm.tags %></h2> + <h2><%= h(t.osm.tags) %></h2> <table id="grid-tags"> </table> </div> diff --git a/web/views/sources.erb b/web/views/sources.erb index adc790b..4d338ee 100644 --- a/web/views/sources.erb +++ b/web/views/sources.erb @@ -1,20 +1,20 @@ <div class="pre"> - <h1 class="section"><%= t.taginfo.sources %></h1> + <h1 class="section"><%= h(t.taginfo.sources) %></h1> <%= t.pages.sources.intro %> </div> <div class="box resize"> <table class="list"> <tr> - <th class="tl"><%= t.taginfo.source %></th><th><%= t.pages.sources.data_until %>*</th><th><%= t.pages.sources.last_update_run %></th> + <th class="tl"><%= h(t.taginfo.source) %></th><th><%= h(t.pages.sources.data_until) %>*</th><th><%= h(t.pages.sources.last_update_run) %></th> </tr> <% Source.visible.each_with_index do |source, n| c = (n%2!=0) ? ' even' : '' %> <tr> - <td class="<%= c %>"><%= source.name %> - <td class="tc<%= c %>"><%= source.data_until %> UTC</td> - <td class="tc<%= c %>"><%= source.update_start + ' ' + t.pages.sources.to + ' ' + source.update_end %> UTC</td> + <td class="<%= c %>"><%= h(source.name) %> + <td class="tc<%= c %>"><%= h(source.data_until) %> UTC</td> + <td class="tc<%= c %>"><%= h(source.update_start + ' ' + t.pages.sources.to + ' ' + source.update_end) %> UTC</td> </tr> <% end %> </table> - <p style="font-size: 80%">* <%= t.pages.sources.data_until_explanation %></p> + <p style="font-size: 80%">* <%= h(t.pages.sources.data_until_explanation) %></p> </div> diff --git a/web/views/tag.erb b/web/views/tag.erb index 34644d6..0d36332 100644 --- a/web/views/tag.erb 
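Review bot: In sources.erb the update-range cell builds its text with `+`, so a `nil` `update_start` or `update_end` raises before `h()` is reached; whether `Source` can return `nil` there is not visible in this hunk. Interpolation renders the row regardless and keeps the escaping in one call: `<%= h("#{source.update_start} #{t.pages.sources.to} #{source.update_end}") %>`.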
+++ b/web/views/tag.erb @@ -1,11 +1,11 @@ <div class="pre"> <form id="filter-form"> - <label for="filter"><%= t.pages.key.filter.label %></label> + <label for="filter"><%= h(t.pages.key.filter.label) %></label> <select id="filter" name="filter"> - <option value="all"<%= @sel['all'] %>><%= t.pages.key.filter.none %></option> - <option value="nodes"<%= @sel['nodes'] %>><%= t.pages.key.filter.nodes %></option> - <option value="ways"<%= @sel['ways'] %>><%= t.pages.key.filter.ways %></option> - <option value="relations"<%= @sel['relations'] %>><%= t.pages.key.filter.relations %></option> + <option value="all"<%= @sel['all'] %>><%= h(t.pages.key.filter.none) %></option> + <option value="nodes"<%= @sel['nodes'] %>><%= h(t.pages.key.filter.nodes) %></option> + <option value="ways"<%= @sel['ways'] %>><%= h(t.pages.key.filter.ways) %></option> + <option value="relations"<%= @sel['relations'] %>><%= h(t.pages.key.filter.relations) %></option> </select> </form> <div id="tools"> @@ -21,10 +21,10 @@ </div> <div id="tabs"> <ul> - <li><a href="#overview"><%= t.taginfo.overview %></a></li> - <li><a href="#combinations"><%= t.taginfo.combinations %></a></li> - <li><a href="#wiki"><%= t.sources.wiki.name %></a></li> - <li><a href="#josm"><%= t.sources.josm.name %></a></li> + <li><a href="#overview"><%= h(t.taginfo.overview) %></a></li> + <li><a href="#combinations"><%= h(t.taginfo.combinations) %></a></li> + <li><a href="#wiki"><%= h(t.sources.wiki.name) %></a></li> + <li><a href="#josm"><%= h(t.sources.josm.name) %></a></li> </ul> <div id="overview"> <% if @image_url %> 
@@ -32,35 +32,35 @@ <img src="<%= @image_url %>" alt=""/> </div> <% end %> - <h2><%= t.taginfo.overview %></h2> + <h2><%= h(t.taginfo.overview) %></h2> <table id="grid-overview"> </table> <% if @has_rtype_link %> - <p><%= t.pages.tag.overview.see_also %>: <span id="relationlink"></span></p> + <p><%= h(t.pages.tag.overview.see_also) %>: <span id="relationlink"></span></p> <% end %> </div> <div id="combinations"> <div class="boxpre"> - <h2><%= t.pages.tag.combinations.title %></h2> - <p><%= t.pages.tag.combinations.description %></p> + <h2><%= h(t.pages.tag.combinations.title) %></h2> + <p><%= h(t.pages.tag.combinations.description) %></p> </div> <table id="grid-combinations"> </table> </div> <div id="wiki"> - <h2><%= t.pages.tag.wiki_pages.title %></h2> + <h2><%= h(t.pages.tag.wiki_pages.title) %></h2> <% if @wiki_count > 0 %> <table id="grid-wiki"> </table> <% else %> - <p class="empty"><%= t.pages.tag.wiki_pages.none_found %> <%= @wiki_count_key > 0 ? t.pages.tag.wiki_pages.suggest_key_wiki_page('<span id="keylink"></span>') : '' %></p> - <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Tag:<%= escape(@tag) %>"><%= t.pages.tag.wiki_pages.create %></a></p> + <p class="empty"><%= h(t.pages.tag.wiki_pages.none_found) %> <%= @wiki_count_key > 0 ? t.pages.tag.wiki_pages.suggest_key_wiki_page('<span id="keylink"></span>') : '' %></p> + <p><a class="extlink" target="_blank" rel="nofollow" href="http://wiki.openstreetmap.org/w/index.php?action=edit&title=Tag:<%= escape(@tag) %>"><%= h(t.pages.tag.wiki_pages.create) %></a></p> <% end %> </div> <div id="josm"> - <h2><%= t.pages.tag.josm.title %></h2> + <h2><%= h(t.pages.tag.josm.title) %></h2> <!-- <form> - <label for="josm-style"><%= t.pages.tag.josm.choice %></label> + <label for="josm-style"><%= h(t.pages.tag.josm.choice) %></label> <select id="josm-style" name="josm-style"> <option>Standard</option> </select> 
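Review bot: `<img src="<%= @image_url %>" alt=""/>` at the top of this hunk still writes `@image_url` into an attribute without escaping, so a quote character in the value would end the attribute. Use `<img src="<%= h(@image_url) %>" alt=""/>`. Where `@image_url` comes from is not visible here; if it is derived from wiki data, the code that sets it should also accept only `http`/`https` URLs. The enclosing `<% if @image_url %>` starts above the hunk.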
@@ -69,7 +69,7 @@ <table id="grid-josm"> </table> <% else %> - <p class="empty"><%= t.pages.key.josm.no_styles %></p> + <p class="empty"><%= h(t.pages.key.josm.no_styles) %></p> <% end %> </div> </div> diff --git a/web/views/tags.erb b/web/views/tags.erb index ae21c85..9a849c0 100644 --- a/web/views/tags.erb +++ b/web/views/tags.erb @@ -1,6 +1,6 @@ <div class="pre"> - <h1 class="section"><%= t.osm.tags %></h1> - <p><%= t.pages.tags.intro %></p> + <h1 class="section"><%= h(t.osm.tags) %></h1> + <p><%= h(t.pages.tags.intro) %></p> </div> <div class="box resize"> <table id="grid-tags"> |
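Review bot: In tags.erb, `<p><%= h(t.pages.tags.intro) %></p>` escapes the intro text, whereas the `intro` strings in languages.erb, name_tags.erb, wiki_pages_about_non_existing_keys.erb and sources.erb are left raw in this same commit. If `pages.tags.intro` contains markup in any translation it will now be displayed as literal tags; whether it does is not visible here. Either confirm it is plain text in every language or add a template comment saying which `intro` strings are HTML and which are text.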