diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:42:01 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-06-07 23:42:01 -0700 |
| commit | 7aeaf8748ca66ffb4f49dd2c2ab3f796b0bdbc5a (patch) | |
| tree | 390df4b0eb4e428c345e5fe5865706cf9e72568b | |
| parent | 77222877e31c59d9e9b45efb0655bc57d6448bb5 (diff) | |
fix XSS
| -rw-r--r-- | httemplate/elements/search-cust_main.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httemplate/elements/search-cust_main.html b/httemplate/elements/search-cust_main.html index e8c645eca..ba6a479a6 100644 --- a/httemplate/elements/search-cust_main.html +++ b/httemplate/elements/search-cust_main.html @@ -19,7 +19,7 @@ Example: NAME = "<% $field %>_search" ID = "<% $field %>_search" SIZE = "32" - VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' %>" + VALUE="<% $cust_main ? $cust_main->name : '(cust #, name or company)' |h %>" onFocus="clearhint_<% $field %>_search(this);" onClick="clearhint_<% $field %>_search(this);" onChange="smart_<% $field %>_search(this);" |