author | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:41:52 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:41:52 -0700 |
commit | 0f21021fea8f99d28b4507c3cffa55cbdd6f110d (patch) | |
tree | f2533921576eadf9bedd228f3e89e9d01df1d6dd | |
parent | 42eaf0aec334e15163848eb2bed33db9fd349efa (diff) |
fix XSS
-rw-r--r-- | httemplate/elements/search-cust_main.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/elements/search-cust_main.html b/httemplate/elements/search-cust_main.html
index e8c645eca..ba6a479a6 100644
--- a/httemplate/elements/search-cust_main.html
+++ b/httemplate/elements/search-cust_main.html
@@ -19,7 +19,7 @@ Example:
 NAME = "<% $field %>_search"
 ID = "<% $field %>_search"
 SIZE = "32"
- VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' %>"
+ VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' |h %>"
 onFocus="clearhint_<% $field %>_search(this);"
 onClick="clearhint_<% $field %>_search(this);"
 onChange="smart_<% $field %>_search(this);" |
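Review bot: The `<% $field %>` interpolations in NAME, ID and the onFocus/onClick/onChange handlers in this same hunk still carry no escape flag, so only the VALUE attribute is covered by the added `|h`. For the two plain attributes the matching change would be `NAME = "<% $field |h %>_search"` and `ID = "<% $field |h %>_search"`. In the handlers `$field` becomes part of a JavaScript function name, where HTML escaping alone is not sufficient; constraining it to an identifier pattern (for example rejecting anything that does not match `/^\w+$/`) before it is emitted would be the safer guard. The component's argument and init sections are outside the hunk, so `$field` may already be restricted to fixed caller-supplied names; if so, a short comment stating that assumption next to these lines would help the next reviewer.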