diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:41:57 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:41:57 -0700 |
| commit | 78d0e4b3ed39b4f44aba115c6711cfdde1a02d72 (patch) | |
| tree | c0ba9a6e034d3a68df90340900a1c501b07a9e2c | |
| parent | 041e476beaa6a200ffff8db50671f2b4245c86b8 (diff) | |
fix XSS
| -rw-r--r-- | httemplate/elements/search-cust_main.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/elements/search-cust_main.html b/httemplate/elements/search-cust_main.html index e8c645eca..ba6a479a6 100644 --- a/httemplate/elements/search-cust_main.html +++ b/httemplate/elements/search-cust_main.html @@ -19,7 +19,7 @@ Example: NAME = "<% $field %>_search" ID = "<% $field %>_search" SIZE = "32" - VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' %>" + VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' |h %>" onFocus="clearhint_<% $field %>_search(this);" onClick="clearhint_<% $field %>_search(this);" onChange="smart_<% $field %>_search(this);" |